{
 "cells": [
  {
   "cell_type": "markdown",
   "id": "74891837",
   "metadata": {},
   "source": [
    "## Elastic Search Retriver\n",
    "This notebooks shows you how you can create a elastic search connection, how can you retrive the data from elastic search instance."
   ]
  },
  {
   "cell_type": "markdown",
   "id": "59438670",
   "metadata": {},
   "source": [
    "<span style=\"color:blueviolet\">Step 1. Please provide ELastic Search URL and Certifcate Path</span>"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 3,
   "id": "234f9132",
   "metadata": {},
   "outputs": [],
   "source": [
    "ES_URL = \"Add URL Here\"\n",
    "ca_certs_path = \"Add path here\""
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 34,
   "id": "dbf08c4b",
   "metadata": {},
   "outputs": [],
   "source": [
    "from elasticsearch import Elasticsearch\n",
    "from elasticsearch.exceptions import RequestError\n",
    "import re\n",
    "\n",
    "# Create an instance of Elasticsearch with TLS options\n",
    "es_client = Elasticsearch(\n",
    "    ES_URL,\n",
    "    ca_certs=ca_certs_path\n",
    ")\n"
   ]
  },
  {
   "cell_type": "markdown",
   "id": "64cb0e00",
   "metadata": {},
   "source": [
    "<span style=\"color:blueviolet\">Step 2. Checking Elastic Search Connection Info</span>"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 2,
   "id": "8dbc5490",
   "metadata": {},
   "outputs": [
    {
     "name": "stdout",
     "output_type": "stream",
     "text": [
      "{'name': 'm-2.3d862675-f715-499c-b9e4-ffba4d8321a0.d5c42fad68fd498ba08f6af6107b71cd.2adb0220806343e3ae11df79c89b377f.databases.appdomain.cloud', 'cluster_name': '3d862675-f715-499c-b9e4-ffba4d8321a0', 'cluster_uuid': 'UsM9ak-LRYajVAwt5yeQxw', 'version': {'number': '7.10.2', 'build_flavor': 'oss', 'build_type': 'tar', 'build_hash': '747e1cc71def077253878a59143c1f785afa92b9', 'build_date': '2021-01-13T00:42:12.435326Z', 'build_snapshot': False, 'lucene_version': '8.7.0', 'minimum_wire_compatibility_version': '6.8.0', 'minimum_index_compatibility_version': '6.0.0-beta1'}, 'tagline': 'You Know, for Search'}\n"
     ]
    }
   ],
   "source": [
    "info = es_client.info()\n",
    "print(info)\n"
   ]
  },
  {
   "cell_type": "markdown",
   "id": "879412aa",
   "metadata": {},
   "source": [
    "<span style=\"color:blueviolet\">Step 3. Please provide Elastic Search index name where you want to search the query</span>"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 3,
   "id": "c4b61ec8",
   "metadata": {},
   "outputs": [],
   "source": [
    "index_name = 'superknowa'"
   ]
  },
  {
   "cell_type": "markdown",
   "id": "202bbbd1",
   "metadata": {},
   "source": [
    "<span style=\"color:blueviolet\">Step 4. Building a search query</span>"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 4,
   "id": "c23f15f3",
   "metadata": {},
   "outputs": [],
   "source": [
    "### Search with specific query\n",
    "search_query1 = {\n",
    "  \"query\": {\n",
    "    \"bool\": {\n",
    "      \"must\": {\n",
    "        \"match\": {      \n",
    "          \"content\": \"A 2-node IBM Sterling B2B Integrator (SBI) clustered solution is being designed. The customer will initiate connections with external partners using HTTP, FTP and SFTP protocols. For load balancing and fail over purposes 2 client adapters for each protocol are configured on each node and Service Groups are being used. How many Service Groups will be required?\"\n",
    "        }\n",
    "      }\n",
    "    }\n",
    "  }\n",
    "}"
   ]
  },
  {
   "cell_type": "markdown",
   "id": "05596edd",
   "metadata": {},
   "source": [
    "<span style=\"color:blueviolet\">Step 5. Searching query in Elastic Search</span>"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 5,
   "id": "af7b6ed3",
   "metadata": {},
   "outputs": [],
   "source": [
    "# Perform the initial search to obtain the first batch of results\n",
    "response = es_client.search(\n",
    "    index=index_name,\n",
    "    body=search_query1,\n",
    "    scroll='5m',  # Set the scroll timeout (e.g., 5 minutes)\n",
    "    size=10  # Set the number of documents to retrieve per scroll\n",
    ")"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 8,
   "id": "63de8080",
   "metadata": {},
   "outputs": [
    {
     "name": "stdout",
     "output_type": "stream",
     "text": [
      "10\n"
     ]
    }
   ],
   "source": [
    "all_hits = response['hits']['hits']\n",
    "print(len(all_hits))\n",
    "\n"
   ]
  },
  {
   "cell_type": "markdown",
   "id": "fbb6e62c",
   "metadata": {},
   "source": [
    "<span style=\"color:blueviolet\">Step 6. looking search results</span>"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 45,
   "id": "01e374e4",
   "metadata": {},
   "outputs": [
    {
     "name": "stdout",
     "output_type": "stream",
     "text": [
      "DOC URL: https://www.ibm.com/support/pages/node/6354959 ---> \n",
      "\n",
      "DOC Source: IBM White Paper \n",
      "\n",
      "DOC content:  Invincible Supply Chain\n",
      "Reference Architecture for Mission-Critical \n",
      "SAP® Advanced Planning & Optimization\n",
      "in SAP liveCache with HotStandby\n",
      "  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 3High availability for SAP® Supply Chain Management\n",
      "SAP Advanced Planning & Optimization\n",
      "SAP liveCache\n",
      "DB2 HADR\n",
      "SAN Volume Controller\n",
      "PowerHA System Mirror\n",
      "Tivoli System Automation for Multiplatforms\n",
      "Invincible Supply Chain\n",
      "High Availability for Mission-Critical\n",
      "SAP Advanced Planning & Optimization\n",
      "– Design, Reference Architecture, and Proof of Concept –\n",
      "IBM SAP International Competence Center (ISICC)\n",
      "Walldorf, Germany\n",
      "IBM Storage Lab Services, Mainz, Germany\n",
      "IBM Boeblingen Lab, Rot, Germany\n",
      "SAP teams:\n",
      "SAP Labs, Berlin, Germany\n",
      "Performance, Data Management, and Scalability, Walldorf, Germany\n",
      "Solution Management, Supply Chain Management, Walldorf, Germany\n",
      "Product Management, Supply Chain Management, Walldorf, Germany Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 421/ June 2011\n",
      "1 Table of Contents\n",
      "1 T able of Contents ....................................................................................................................... 4\n",
      "2 Preface ........................................................................................................................................ 5\n",
      " 2.1 Document scope .............................................................................................................. 5\n",
      " 2.2 Special notices ................................................................................................................. 5\n",
      " 2.3 Version information ........................................................................................................ 5\n",
      " 2.4 Document layout and design .......................................................................................... 5\n",
      " 2.5 Authors of this document ................................................................................................ 6\n",
      " 2.6 With gratitude and acknowledgment of our sponsors ................................................... 6\n",
      " 2.7 Project team .................................................................................................................... 7\n",
      "3 Introduction – Why High Availability for SAP Advanced Planning & Optimization ............. 8\n",
      "4 Benefits Summary .................................................................................................................... 10\n",
      " 4.1 T arget industries and solutions ..................................................................................... 10\n",
      " 4.2 HotStandby versus a failover solution .......................................................................... 12\n",
      "5 Available-to-Promise – A Day in the Life ............................................................................... 14\n",
      "6 Proof of Concept Scope ........................................................................................................... 16\n",
      " 6.1 Application scope and goals .......................................................................................... 17\n",
      " 6.2 Summary of KPI results ................................................................................................ 23\n",
      "7 Design Components of the Infrastructure .............................................................................. 26\n",
      " 7.1 Infrastructure scope and stack ....................................................................................... 26\n",
      " 7.2 High-availability infrastructure design on Power servers – the basis .......................... 30\n",
      " 7.3 Tivoli clustering – Tivoli System Automation for MultiPlatforms ............................. 49\n",
      " 7.4 Tivoli clustering for IBM DB2 HADR ........................................................................ 50\n",
      " 7.5 Tivoli clustering for SAP central services for ABAP (ASCS instance) ........................ 60\n",
      " 7.6 SAP liveCache with HotStandby design and requirements ......................................... 68\n",
      " 7.7 Design of the PowerHA Cluster for SAP liveCache HotStandby ............................... 77\n",
      "8 Summary and Conclusions ...................................................................................................... 97\n",
      "9 Appendix ................................................................................................................................... 98\n",
      " 9.1 Related documents and sources of further information ............................................... 98\n",
      " 9.2 SAP liveCache versions ................................................................................................. 99\n",
      " 9.3 AIX, PowerHA, and Java versions ................................................................................ 99\n",
      " 9.4 Tivoli SA MP and DB2 HADR versions .................................................................... 101\n",
      " 9.5 Power Systems, AIX, and storage versions ................................................................. 101\n",
      "10 Copyrights and T rademarks ................................................................................................... 102\n",
      "11 Disclaimer and Special Notices ............................................................................................. 103 Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 52 Preface\n",
      "2.1\t Document\tscope\n",
      "This document is intended for architects and implementations teams that have the responsibili -\n",
      "ty of designing and implementing a highly available infrastructure stack for the SAP® Advanced \n",
      "Planning & Optimization (SAP APO) component in a mission-critical landscape.\n",
      "2.2\t Special\tnotices\n",
      "Copyright© IBM Corporation, 2011 All Rights Reserved. \n",
      "All trademarks or registered trademarks mentioned herein are the property of their respective \n",
      "holders. \n",
      "2.3\t Version\tinformation\n",
      "This is version 1.1 of this document including architecture, design and concept.Online versions of this document and subsequent releases can be found at this website:http://www.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/WP100677\n",
      "2.4\t Document\tlayout\tand\tdesign\n",
      "This document is separated into component areas. Each clustered component of this infrastruc -\n",
      "ture stack can be implemented independently of the other clusters. Therefore, the document groups the basis component and the cluster solution for each of the component areas together but provides no dependency on the sequence of installation. As an example, HADR with IBM\n",
      "® \n",
      "Tivoli® System Automation for Multiplatforms (SA MP) can be the only cluster in a supply chain \n",
      "management (SCM) system if high availability for all components is not deemed necessary (non-mission-critical load). Within each of the component areas, there is a sequence path. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 62.5\t Authors\tof\tthis\tdocument\n",
      "• Carol Davis, Consulting IT Specialist, SAP International Competence Center\n",
      "• Elke Hartmann-Bakan, IT Specialist, SAP International Competence Center\n",
      "• Jan Muench, Advisory IT Specialist, IBM, Infrastructure and T echnology Service \n",
      "• Katharina Probst, Developer, IBM Boeblingen Lab\n",
      "2.6\t With\tgratitude\tand\tacknowledgment\tof\tour\tsponsors\n",
      "We thank those who have given the support and vision that allow us to provide these case studies \n",
      "in support of our joint customer needs.\n",
      "Juergen Primsch, Vice President, SAP MaxDB & SAP liveCache, SAPDr. Ulrich Marquard, Senior Vice President, Performance & Scalability, SAP Dr. Volkmar Soehner, Development Manager, SAP liveCache Applications, SAPBill Gilmour, Industry General Manager, Consumer Products, IBMEmily Benner, Director, System and T echnology Group, ISV T echnical Enablement, IBMMichelle Tidwell, Program Director, System Storage, ISV Enablement, IBMLaurent Montaron, Manager - POWER and Next-Generation Platform ISV\n",
      "programs, IBM\n",
      "Vandana Kumar, SAP Strategy and Enablement Manager, IBMDr. Antonio Palacin, Director of ISICC IBM SAP International Competence Center, Global \n",
      "IBM – SAP Alliance, IBM\n",
      "Robert D. Thomas, Vice President, Business Development, Information Management, IBMWe would also like to thank Tim Main, Consulting IT Specialist and IBM Client T echnical Ad-\n",
      "visor for Unilever, for his guidance throughout and the extended technical steering team whose insight into actual requirements was vital to this project. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 72.7\t Project\tteam\n",
      "This project and its results come from the efforts of a joint IBM and SAP team, crossing many \n",
      "areas of specialization and responsibility. This type of team demonstrates the level of co-innova-tion enthusiasm and reflects the technical collaboration between these two companies.\n",
      "Name Responsibility Position Company\n",
      "Carol Davis Project Design andExecutionConsulting IT Specialist IBM\n",
      "Vandana Kumar Product Managementand Delivery T echnology Business Development Execu-tive, Systems and T echnology GroupIBM\n",
      "Elke Hartmann-Bakan DB2 HADR, Tivoli System Auto-mationIT Specialist, Data Management IBM\n",
      "Katharina Probst SAP liveCache  and   PowerHA Developer, HADR Solutions for SAP on AIXIBM\n",
      "Jan Muench HA Infrastructure and Virtualization Advisory IT Specialist, Power Systems IBM\n",
      "Werner Thesing SAP liveCache HA Development Architect, SAP MaxDB SAP \n",
      "liveCacheSAP\n",
      "Erika Wolf SAP Advanced Planning & Optimi-\n",
      "zation DPSAP liveCache Applications SAP\n",
      "Anette Foellmer SAP Advanced Planning & Optimi-zation DPSenior Developer, Performance and Sca-labilitySAP\n",
      "Oliver Goos HSS library IT Specialist, ESCC Mainz, Systems and T echnology Group, Lab ServicesIBM\n",
      "Blandine Alazard HSS library Advisory IT Specialist, ESCC Mainz/ Sys-\n",
      "tems and T echnology Group, Lab ServicesIBM\n",
      "Gerald Heisig Available-to-Promise Product Management, Supply Chain \n",
      "Management SAP\n",
      "Claus Bosch Available-to-Promise Solution Manager, Supply Chain Manage-mentSAP\n",
      "Wolfram Schick Available-to-Promise Development Architect, Supply Chain ManagementSAP\n",
      "Ivan Sesar Available-to-Promise Product Management, Supply Chain ManagementSAP\n",
      "Ulrich Mast Available-to-Promise Solution Manager, Supply Chain Manage-mentSAP\n",
      "Marc-Stephan T auchert Performance andSizingCertified SAP T echnical Specialist, SAP Growth ProgramIBM\n",
      "Ursula Zachmann Performance and Sizing IT Specialist, SAP Solutions IBM\n",
      "Dr. Helmut Mueller Landscape Discovery and  MonitoringSenior Client IT Architect IBM\n",
      "With technical contributions from:\n",
      "• Walter Orb, Consulting IT Specialist, IBM SAP International Competence Center \n",
      "• Maik Gasterstaedt, IT Specialist Storage, IBM SAP international Competence Center\n",
      "• Andreas Schauberer, Tivoli Development, IBM Boeblingen Lab\n",
      "• Hinnerk Gildhoff, Software Developer, DB2 HADR SAP , IBM Böblingen Lab\n",
      "• Olaf Depper, IT Specialist, DB2 SAP , IBM Böblingen Lab\n",
      "• Bernhard Buehler, IT Specialist, Systems and T echnology Group, Lab Services, IBM Germany Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 83 Introduction – Why High Availability for SAP Advanced \n",
      "Planning & Optimization\n",
      "SAP Advanced Planning & Optimization (SAP APO) is an advanced planning and scheduling software that provides the tools needed to optimize supply chain processes at strategic, tactical, and operational planning levels. Demand planning, supply network planning, and production pl -\n",
      "anning and detailed scheduling are three of the core business scenarios addressed by this compo -\n",
      "nent. For companies operating worldwide, planning information must be made available across system boundaries as quickly as possible to support business efficiency. Global available-to-pro-mise (global ATP) in SAP Advanced Planning & Optimization provides this key functionality. \n",
      "The architecture of SAP APO spans two databases: the typical SAP application or ABAP™\n",
      "1 \n",
      "database, and the memory resident database used for optimization and planning, which is the \n",
      "proprietary SAP liveCache. These two databases are logically interlinked at application level, but do not know each other at database level. Related but unique data exists in each of the two data -\n",
      "bases, but neither has the complete data content.  If these two databases lose their data synchro -\n",
      "nization, which can result from an infrastructure failure, or the need to restore one or the other of the two, the application provides the means to resynchronize at application level. This resyn -\n",
      "chronization will normally result in the identification of data that exists in one database and for which there is no reference in the other. Restoring synchronization will require an understanding of the significance of the data and the ability to take informed decisions. In summary, the recove-ry driven from the application level may have an extremely long path length and require expert business skills.\n",
      "LC\n",
      "DBSAP NetWeaver Business Client\n",
      "SAPGU I 7.10 Web Dympro for ABAP\n",
      "Optimizer 7.0SAP liveCache 7.7\n",
      "Geocoding 7.0SAP SC M 7.0\n",
      "SAP APO Application\n",
      "ABAP\n",
      "databaseMaster and transactional \n",
      "data viewTime Series and \n",
      "planning v iew\n",
      "Figure 3.1: Overview of SAP APO architecture with liveCache and the SAP SCM optimizer\n",
      "As failures come in many different guises, from logical errors to infrastructure disasters, this re -\n",
      "covery is part of the operational lifecycle of any production system. The goal is to extend dura -\n",
      "tion of the undisrupted production time to the maximum possible. A logical error is something the infrastructure cannot protect against, but there are many situations in which the design of the infrastructure and middleware can support the application and the business. \n",
      "1 Database  used  for  master  and  transactional  data,  customizing,  and  ABAP  objects  that  provide  the  busi -\n",
      "ness  content  of  the  SAP  system.  ABAP is  a  proprietary  object-oriented  programming  language  from  SAP . Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 9The proof of concept being described in this document looks at some of these options. The focal \n",
      "point is a joint IBM and SAP solution around the SAP liveCache component itself to ensure high availability and very fast recovery without data loss.\n",
      "As SAP liveCache is a component of the SAP Supply Chain Management (SAP SCM) applica -\n",
      "tion, protecting SAP liveCache make sense when the SAP SCM system itself is highly available. \n",
      "SAP SCM itself is based on ABAP and the concept is therefore built on the current best practices for high-availability solutions for ABAP systems. The design then extends the availability con -\n",
      "cept to cover the ABAP database, the critical SAP central services software, and the infrastructure itself – top to bottom.\n",
      "This document describes reference architecture for SAP Advanced Planning & Optimization \n",
      "based on end-to-end high availability. \n",
      "The proof of concept is based on IBM Power systems™ technology, IBM DB2\n",
      "®, and two alter -\n",
      "native clustering solutions for high availability – Tivoli System Automation for Multiplatforms, \n",
      "and IBM PowerHA®. \n",
      "The choice of DB2 database was made because the functionality DB2 HADR (which includes features such as independent data images, closely synchronized, and quick failover) fits very well in the target solution. DB2 is also tightly integrated with SAP software and with the Tivoli Sys-tem Automation for Multiplatforms (Tivoli SA MP) cluster solution.\n",
      "SAP delivers Tivoli SA MP clustering as part of the SAP solution for DB2 HADR. The im -\n",
      "plementation can be extended to cover the critical SAP components. This combination is used \n",
      "quite extensively for SAP ABAP-based systems, such as Enterprise Resource Planning (ERP), Customer Relationship Management (CRM), as well as Supply Chain Management (SCM). The portion of this document covering the critical SAP components and DB2 HADR is generally applicable to ABAP systems.\n",
      "SAP liveCache with HotStandby is a new feature that will be supported by the PowerHA cluster \n",
      "solution. As we demonstrate in this proof of concept, SAP liveCache  HotStandby solution provi -\n",
      "ded by PowerHA can also be integrated into an SAP SCM system that is using Tivoli clustering for the other critical SAP components and for HADR. Additionally, the proof of concept includes a cluster solution for DB2 HADR and the other criti -\n",
      "cal SAP components based on PowerHA, providing a complete PowerHA solution for situations where a mix of cluster technology is undesirable. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 104 Benefits Summary\n",
      "This document shows the benefits to mission-critical SAP APO business processes provided by \n",
      "high availability for SAP SCM. Each component of the SCM stack is looked at separately and can be implemented as a separate cluster to provide high-availability building blocks for SAP APO or other ABAP-based core systems.\n",
      "The business benefits result from high availability and uninterrupted processing in online order \n",
      "confirmation and extremely fast return to business for production planning. In scenarios, such as service parts management, a five-minute downtime has been quoted as the limit before the business begins to suffer a loss. \n",
      "The solution presented here explains how this target can be met with effective component red -\n",
      "undancy, which also provides a cost-effective solution.\n",
      "4.1\t Target\tindustries\tand\tsolutions\n",
      "This proof of concept focuses on the following components:\n",
      "• IBM PowerVM™ technology – IBM POWER6® and IBM POWER7® processor-\n",
      "based servers\n",
      "• IBM System Storage® SAN Volume Controller (and any SAN storage) or IBM System \n",
      "Storage DS8300  \n",
      "• IBM AIX® 6.1\n",
      "• DB2 HADR\n",
      "• Tivoli System Automation for Multiplatforms\n",
      "• PowerHA SystemMirror for AIX \n",
      "In terms of SAP software, this information applies to:\n",
      "• SAP Advanced Planning & Optimization (SAP APO), including demand planning, \n",
      "supply and network planning, and production planning and detailed scheduling func -\n",
      "tionality \n",
      "• Integrated scenarios using SAP APO for available-to-promise (ATP) and Global availa-ble-to-promise (GATP) for resource availability and planning  \n",
      "• SAP Service Parts Planning application and other service parts management software  \n",
      "• SAP NetWeaver™ technology platform for ABAP and SAP NetWeaver Business \n",
      "Warehouse; SAP Supply Chain Management, SAP Customer Relationship Management, \n",
      "SAP ERP , and other ABAP-based software. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 11Target industries typically using this software: \n",
      "Service parts management functionality in SAP SCM\n",
      "• Aerospace and defense\n",
      "• Automotive\n",
      "• Heavy equipment \n",
      "• Industrial machinery\n",
      "• Household appliances\n",
      "• High-tech\n",
      "SAP Advanced Planning & Optimization\n",
      "• Consumer products\n",
      "• Automotive\n",
      "• High-tech and electronics\n",
      "• Household appliances\n",
      "• Discrete manufacturing (industrial machinery and components)\n",
      "• Retail\n",
      "• Chemicals\n",
      "• Mill products and mining\n",
      "• Oil and gas\n",
      "• Life sciences\n",
      "• Wholesale\n",
      "SAP APO\n",
      "Demand PlanningAlert Monitor\n",
      "Supply Network Planning\n",
      "Global Available-to-PromiseProduction Planning &\n",
      "Detailed SchedulingSAP ERP\n",
      "Master\n",
      "Data\n",
      "RFCProduction Planning (PP)Supply Chain Execution Supply Chain Planning\n",
      "CIF\n",
      "Materials Management (MM)\n",
      "...Production Planning &\n",
      "Detailed SchedulingTransactional\n",
      "Data (real-time)\n",
      "Figure 4.1.1:  Diagram of an integrated SAP ERP and SAP SCM system used for ATP Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 124.2\t HotStandby\tversus\ta\tfailover\tsolution\n",
      "In a tightly integrated SAP landscape, the failure and subsequent recovery of a single system can \n",
      "have repercussions on other systems and the consistency of the data that might span more than one system. Resynchronization can be time-consuming. The objective of this high availability design is to avoid interruption as far as possible to the application level, by providing a robust infrastructure design with redundancy. Whenever the redundant hardware infrastructure cannot protect the system, for example, in the failure of the server itself, then recovery of the system moves to the next layer, provided by the clustering solution. The fastest recovery is provided by either HotStandby or by an active/passive design. This method of having two equal components with their own resources provides the more robust solution, as well as the fastest recovery.\n",
      "A traditional database failover restarts with a database crash image once the disks are successful -\n",
      "ly brought back online. The database attempting to restart the service has to recover the crash \n",
      "image, which normally includes rolling out all “in-flight” transactional data. Depending on what was happening at the time of failure, this recovery can take a significant amount of time. \n",
      "If the database is file system-based, which most are, the file systems themselves may need to be \n",
      "recovered before the database activity can begin. This can also take time depending on the num -\n",
      "ber and size of the file systems. \n",
      "In the case of SAP APO with SAP liveCache, the file systems are recovered, the crash image \n",
      "is used to realign data consistency by rolling back uncommitted transactions, and the SAP liveCache memory resident data cache is reconstructed. This data cache can be many gigabytes in size and also adds to the recovery time for the service.\n",
      "For a SAP APO system that has gone through a crash recovery, it is recommended to run an ap-\n",
      "plication level consistency check to ensure the data spanning the two databases of SAP APO are consistent. This can also take some significant time depending on the number of data objects.\n",
      "By this time, other processes may well have timed out.For online ATP , the expectation is that if the system takes longer than two to three minutes to \n",
      "recover, the order entry side of available-to-promise will be broken. Most likely the user will lose patience and kill the session, or the process may timeout in other areas of the technical infra -\n",
      "structure. The result is that materials will be left in temporary assignment and are unavailable until they are either manually recovered or some expiration date is set to clean them up. The result is that it may not be possible to confirm orders that really could have been confirmed be -\n",
      "cause necessary resources appear unavailable.\n",
      "For production planning batch jobs running in the overnight window, this might mean that \n",
      "skilled application people need to be available for the recovery after a failover. This can delay the time required to restart the jobs after service recovery. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 13Redundant Data Images\n",
      "Redundant data images (as provided by the HotStandby and active/passive databases) provide an \n",
      "extra failback in case of an actual data corruption at physical level or loss of a storage server.\n",
      "A traditional failover, where the storage is taken over by a backup server, will use one copy of the \n",
      "data that is active on only one of the servers at any time. A failover server will take over the data from the failed server and rely on this data image to attempt to restart the lost functionality. If the data is corrupted, a restore of the database is necessary and archived logs will be reapplied to recover to the point in time of the failure. At this point, the resynchronization effort with other systems depends on the integration and dependencies of the business processes. \n",
      "As used in this proof of concept, DB2 HADR has a complete set of redundant data – both data -\n",
      "base and logs. These can be on separate storages servers in separate sites. HADR does have to do \n",
      "a certain amount of rollback recovery as part of the takeover to clean up the open transactions. This is done very quickly as the database is already online and active. For large batch planning jobs where one would intuitively expect to generate a large volume of rollback activity in case of a failover, this proves not to be the case. The commit rate of the planning application jobs is very high and, therefore, the recover requirement for rollback of uncommitted data after a failover is very low. \n",
      "SAP liveCache in HotStandby does no rollback recovery as it is only applying data from transac -\n",
      "tions. This is not a crash image but an active database in synchronization with the master. SAP liveCache itself can switch roles within seconds. The cluster software builds in a short delay \n",
      "to validate a failure before initiating a takeover. With the delay, the service is available within the two minutes failover target with all data intact. The consistency check is not necessary.\n",
      "With SAP liveCache in HotStandby, there are two redundant copies of the data, but there is a \n",
      "shared log. In case of a mirror corruption, you might be unfortunate to lose the log.\n",
      "In this case, it is possible to drop the corrupted log and recover SAP liveCache from the last valid \n",
      "save point. This would be much quicker then restoring the last version and trying to roll forward from archive logs. In both cases, the data which was in the online log will be missing and a re -\n",
      "synchronization with the SAP APO database will be necessary − but it will be considerably faster than a recovery.\n",
      "In summary, the major differences:\n",
      "• T wo separate versions of the data for higher data security\n",
      "• Active/standby database engines, with synchronized data status to take over in seconds \n",
      "with data consistency\n",
      "• Fast takeover avoids chain reaction of failing dependencies Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 145 Available-to-Promise – A Day in the Life\n",
      "A day in the life of a sales person in a collaboration supply chain scenario: \n",
      "A fictional, but possible, scenario to demonstrate one of the countless situations where customer \n",
      "satisfaction, indeed the sales itself, depends on punctual delivery and the guarantee of punctuality depends on reliable confirmation. What is the value of the theoretically fastest and most-sophis -\n",
      "ticated system if it is not there when it is mission critical?\n",
      "Picture a small building supplier somewhere:\n",
      "The day hang like a wet grey sock, and Harald, sipping his half-cold coffee, appeared to be bent on becoming part of a matching pair if his body posture was any indication. He sighed, and with a last longing glance, he put away the travel brochure of white sands and blue water, sweeping it with a despondent finality into a drawer. An unusual movement from the corner of his eye, caught his attention. His boss was steaming in his direction, weaving through the display arran -\n",
      "gements of luxury baths and building materials with an astonishing focus of purpose, headed directly toward Harald and the customer service desk. His whole body language emanated a hitherto unknown tension and excitement. He was being followed by two very serious and rather tired looking men carrying document folders.\n",
      "It was the order of the year! The large five-star hotel complex, going online with much fanfa -\n",
      "re and prominence, was the talk of the region. The captain of this luxury liner about to set sail \n",
      "had, however, caught a glimpse of a distant iceberg. The renowned firm scheduled to deliver the sumptuous Jacuzzi baths for the top category suites had informed the construction manager that a portion of their supply chain, on which this delivery depended, had unexpectedly gone into receivership. The delivery date would not be met.  The two men in tow, on this now glorious day, were the hotel’s construction manager himself and his lead architect. The boss was preparing to launch the lifeboats – 62 luxury Jacuzzi baths in four different models – all of which could be met by components in their portfolio and, accor -\n",
      "ding to the hotel architect, integrated into the hotel’s general design without major modification. The question on which all revolved was – could their firm deliver in time?\n",
      "All eyes were on Harald – for both his boss (who had specifically provided Harald with training \n",
      "on the new order and logistics system), and the other two gentlemen, Harald was now the man of the moment.\n",
      "It took nearly 40 minutes to get through the first three models and 50 of the 62 baths, each com -\n",
      "ponent a separate order line and the delivery of all components verified through the available-to-\n",
      "promise functionality of the logistics system. This system ensured that what was confirmed was either currently available or would be available to meet the delivery date, reserving materials and updating the order and production planning directly. Harald worked conscientiously and accu-rately – he would make no error on this order. Nevertheless, in the pauses between confirmation responses from the planning system, his concentration did allow for split-second interruptions (little dreamy flashes of tropical nature). Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 15It happened on the third to the last order line confirmation:\n",
      "In the middle of an order, a dialog box appeared on his screen! Some gibberish about “RFC con -\n",
      "nections failure” and “gateways”; he hit the Enter key again and the dreaded hourglass appeared. Something in the system had failed, leaving him with an unconfirmed and incomplete order and no idea on how he could proceed.\n",
      "Now we can leave Harald, sweating in despair, in desperate debate with the help desk assuring \n",
      "him that they are working on it while his potential customers begin tense conversations on their mobile phones, making detailed notes and eyeing the wall clock.\n",
      "Or …\n",
      "We can give Harald a break and provide him the system described in the rest of this document. \n",
      "In this case, he only needs to keep calm, perhaps offer coffee – and provide some friendly dis -\n",
      "traction. He can be confident that regardless what may have happened, the system will be back within two to three minutes. He can then continue exactly where he was interrupted, and com -\n",
      "plete those last few order lines.\n",
      "Let us be kind to Harald and say his company can meet the deadline and the 62 Jacuzzi baths are \n",
      "confirmed with guaranteed delivery from various locations. Let this company make its name as a reliable supplier with this large construction firm, and let Harald earn the commission of his young life. As this is fiction, we can easily do this. Nevertheless, this is a realistic and possible sales scenario. \n",
      "Sales order entry\n",
      "1.Select a product & quantity\n",
      "2.Verify availability\n",
      "3.Select a Product & Quantity\n",
      "Comm it OrderERP\n",
      "Available-to-promise  and\n",
      "Temporary Quantity Reservation  \n",
      "Confirm order quantity reserve TQSCM\n",
      "Commit temporary quantity reservations\n",
      "Confirm and plan resource requirementsStart\n",
      "SCM central services failure\n",
      "SCM database failure\n",
      "SCM SAP liveCache failureHarald\n",
      "MaldivesOrder\n",
      "Complete\n",
      "Figure 5.1 A day in the life Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 16We can replace Harald’s dilemma with of number of integrated supply chain scenario from sales \n",
      "to service parts planning.\n",
      "Short of collecting a commission and going off to the Maldives, the team writing this document \n",
      "assumed the part of Harald and went through these same steps to prove the speed of the infra -\n",
      "structure recovery and the business process recoverability provided by the integrated order entry and logistics system using SAP ERP and available-to-promise functionality in SAP APO. \n",
      "The team successfully completed the open order with business process consistency despite inter -\n",
      "vening database failure, SAP liveCache failure, server failure, storage failure. and various combi -\n",
      "nations thereof.  The target of this proof of concept is to provide an end-to-end high- availability \n",
      "system and demonstrate the application benefits such an infrastructure can provide.\n",
      "6 Proof of Concept Scope\n",
      "The proof of concept covers the design and implementation of a high-availability SAP APO sys -\n",
      "tem on a POWER7 processor-based server using infrastructure virtualization (PowerVM). The design of the infrastructure is intended to allow full access to functionality, such as Live Partition Mobility (LPM). For this purpose, the entire solution stack is based on virtual I/O (VIO).  Virtual I/O is a functionality that implements an abstraction layer between logical partitions being used as servers, and the physical I/O components of the machine. VIO Servers are special logical partitions (LPARs) that own the physical hardware adapters and provide the mapping of virtual adapters to physical adapters. Virtual adapters and devices are made available by the VIO Server to the server LPARs. This abstraction layer allows multiple server LPARs to use the same physical I/O adapter.\n",
      "A highly available cluster solution will require redundant I/O adapters, and alternative paths to \n",
      "the network and the storage systems. The number of adapters in any physical server is limited and dedicated redundant I/O adapters per LPAR may quickly exhaust this limit. VIO functiona-lity, therefore, provides a very cost- effective solution for I/O redundancy. Redundant I/O paths are implemented in the VIO level and can be used by all logical partitions within the system. VIO provides infrastructure flexibility, as additional LPARs can be added to the system without regard to the number available I/O slots, as there need be no requirement for additional I/O adapters. The VIO approach is also cost effective, as the number of hardware adapters (and the subsequent number of administered LAN and SAN ports) is kept to a minimum since hardware redundancy and the network and SAN access paths are implemented only once and then shared.\n",
      "The middleware and mission critical SAP components (databases, central services, and SAP \n",
      "liveCache), are implemented as separate high-availability cluster solutions to demonstrate the building blocks that are available and the strengths of each solution. As SAP APO has a load pro -\n",
      "file that greatly benefits from processor sharing between components, the system is implemented on micropartitions in a shared processor pool. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 17SAP E RP EHP4    \n",
      "Master Data and \n",
      "Order Entry ATP\n",
      "Available-to-promise \n",
      "(ATP) driven from \n",
      "ERP via SCM for \n",
      "planning in SAP liveCacheSAP S CM 7 Central Services \n",
      "Enq & Msg Servers, \n",
      "DialogSAP S CM 7 SP6 APO       \n",
      "APP Server for Batch \n",
      "Demand Planning\n",
      "SAP S CM 7 Central Services \n",
      "Replicated Enq,  Dialog\n",
      "DB2 HADR 9.7                    \n",
      "Primary                     \n",
      "Tivoli SA MPDB2 HADR 9.7                      \n",
      "Standby                    \n",
      "Tivoli SA MP  \n",
      "SAP li veCache 7.7.07                      \n",
      "Primary                    \n",
      "PowerHASAP li veCache 7.7.07                      \n",
      "Standby               \n",
      "PowerHAPower7 System 2 Power7 System 1\n",
      "Figure 6.1:  Overview of the cluster building blocks and the application components\n",
      "The clusters were tested for a number of conceivable failures discussed and agreed with the \n",
      "T echnical Steering T eam made up of client teams and customer architects.\n",
      "T wo application scenarios were selected to drive the proof of concept at application level. These \n",
      "include the ATP check coming from order creation in SAP ERP (similar to the order creation in service parts management functionality) and a batch planning load represented by demand plan -\n",
      "ning functionality. The application server for the batch demand planning jobs is not clustered, as multiple application servers can be configured and therefore the application server represents no single point of failure (SPOF). In the case of a component failure (database, SAP SAP liveCache, or application server), the batch jobs will need to be restarted. The jobs can normally be restarted as soon as the failed component is recovered and therefore, for batch, the focus is on the speed of component recovery. For ATP , the focus is on recovery of the application and continuous availa -\n",
      "bility. For both, the target is availability and data consistency.\n",
      "6.1\t Application\tscope\tand\tgoals\n",
      "This section describes the business processes used to test the infrastructure from the application level. The goal was to test the response of the application to various failover situations and un -\n",
      "derstand the impact on the business. For this purpose, common scenarios were selected and the approach described in detail to make the results easy to map to the normal production business. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 186.1.1 Demand planning in SAP APO\n",
      "The demand planning scenario used for these tests is taken from the standard benchmark for \n",
      "SAP APO. The benchmark scenario was updated for SCM7 by the SAP sizing and performance team for use in these tests and for reverification of the SAP APO sizing for systems running in a virtualized landscape. \n",
      "For demand planning, the tests performed under load refers to the load generated by 16 parallel \n",
      "demand planning jobs with a total throughput of around 480,000 character combinations per hour at aggregate level.\n",
      "2\n",
      "ABAP\n",
      "Process\n",
      "Demand\n",
      "PlanningABAP  \n",
      "DataBase\n",
      "SAP l ive\n",
      "Cache & \n",
      "DCOM\n",
      "ABAP  \n",
      "DataBase\n",
      "Figure 6.1.1.1: Process flow between SAP work process and the two databases\n",
      "Demand planning test caseIn the proof of concept, demand planning is used to simulate all three of the major batch scena -\n",
      "rios (demand planning, supply network planning, and production planning and detailed schedu -\n",
      "ling) as they have similar behavior profiles. They are all back ground batch jobs running entirely within SAP SCM. For these load tests, demand planning is started in massive parallel, and during the batch run, component failures are initiated.\n",
      "The demand planning batch jobs run entirely within the SAP SCM system, within the batch ap -\n",
      "plication server. In this case, there is only limited traffic between the batch application server and \n",
      "either the enqueue server or the message server. The traffic is primarily between the application server and the two databases: the ABAP database (DB2 HADR) and SAP liveCache. \n",
      "Figure 6.1.1.2 shows the traffic between the batch application server and the cluster pairs \n",
      "through the cluster service IP addresses.\n",
      "2 This load is simply a representative load using a portion of the total machine resources. This is neither an SAP \n",
      "SCM benchmark result, nor an indication of any possible high-load achievement. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 19SAP li veCache Standby SAP li veCache PrimaryBatch Application ServerSAP CentralServices  Standb y\n",
      "Rep-ENQ, msg-server\n",
      "SAP\n",
      "LiveCacheLC_ip\n",
      "Data base PrimaryData baseStandb ySAP CentralServices  Primary\n",
      "Rep-ENQ, msg-server\n",
      "DB2DB_ipCS_ip\n",
      "Figure 6.1.1.2: Overview of the cluster communication for demand planning\n",
      "Key performance indicators (KPIs)3\n",
      "The batch jobs are expected to cancel in the case of a component loss. They should not hang or \n",
      "continue processing with invalid results. They should be in the state to restart processing im-mediately the failed component has been recovered. Consistency checks should not indicate any inconsistency other than a possible redundant time series. It is acceptable for the KPI that such inconsistencies are found in the time series as a result of the failure. These are time series that have no related information in the database but in no way effect the quality of the results of the planning run. These “orphaned” time series do nothing more than waste a bit of memory. Our  reference contacts in production planning operations confi  rmed that clean up of the time series  is done periodically (outside the critical time window) as general practice to recover any memory.  The consistency verifi  cation routines were used periodically throughout the project to ensure that no other inconsistencies occurred.\n",
      "The current KPI for complete recovery in preparation for a restart is less than or equal to fi  ve \n",
      "minutes.\n",
      "Following a failure under demand planning load, the system should be able to restart (with ope-\n",
      "rator intervention or job scheduling) the batch jobs within fi  ve minutes with data consistency.\n",
      "Batch Active\n",
      "Node failure - SAP li veCach e \n",
      "SAP li veCach e ser vice onlingBatch canceled\n",
      "Batch restarted2-3 min\n",
      "Figure 6.1.1.3: KPI for demand planning recovery\n",
      "In fi  gure 6.1.1.3, the component failure can be SAP central services, the DB2 HADR database, or SAP liveCache. \n",
      "3 Indicators used to measure success. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 206.1.2 SAP ERP ATP check using SAP SCM\n",
      "The ATP check in SAP APO is used to ensure that delivery dates can be met before an order is \n",
      "confi  rmed. ATP functionality exists in SAP ERP as well, but it is not as rich as that provided by SAP APO. ATP in SAP APO provides the following benefi  ts:\n",
      "• Prevent overcommitment\n",
      "• Manage backorders\n",
      "• Enable search in multiple locations (global ATP)\n",
      "• Automate a manual process\n",
      "• Reduce the amount of time taken to process an order\n",
      "• Provide visibility of your sales commitments for every material for which an ATP check is performed, regardless of the results\n",
      "• Provide additional information to production beyond a forecast\n",
      "• Allow customers to be prioritized and realign commitments of a constrained product when necessary\n",
      "1\n",
      "2\n",
      "45\n",
      "36Sales Order Entry\n",
      "1.   Select a product & quantity2.   Verify availabilityConfirm OrderSAP E RP SAP SCM ATP\n",
      "Create sales\n",
      "order\n",
      "Enter business\n",
      "partner\n",
      "Confirmedquantities and\n",
      "Price conditions are\n",
      "determined\n",
      "Save the sales\n",
      "order\n",
      "Trigger credit check\n",
      "Update with credit\n",
      "check information\n",
      "Export compliance\n",
      "checks\n",
      "   Sales order is\n",
      "   createdPerform credit\n",
      "Accounting update\n",
      "and credit limitupdate\n",
      "Uncheckeddelivery iscreatedCustomerrequirement isupdatedCustomer\n",
      "requirement iscreatedEnter product\n",
      "and quantity\n",
      "ATP , e.g. system \n",
      "checks availability, determines the route and schedules the order lines\n",
      "Figure 6.1.2.1:  Overview of the SAP ERP order creation process with ATP to SAP SCM\n",
      "The ATP check for order entry begins in either SAP CRM or SAP ERP and accesses the sup-\n",
      "ply chain management planning of SAP APO through a remote function call (RFC) as part of the transaction. Figure 6.1.2.1 is an overview of the order creation process. An ATP check can be run for each order line of the customer order as necessary, and each check results in an RFC  exchange between SAP ERP and SAP APO. This process is shown in more detail in the fi  gu-re 6.1.2.1, but important to note is that if the SAP APO system is not available, the ATP check  cannot be completed with confi  rmation. Orders can then only be created without the assurance of the ATP confi  rmation, and without product or materials reservation – this is a major depre-ciation in quality.  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 21Therefore, one of the major objectives of this proof of concept is to ensure that SAP APO is the-\n",
      "re, and that this process chain is not broken by a failover of any of the components.\n",
      "Figure 6.1.2.2 shows the actual multiple logical units of work (LUW) of the business process for \n",
      "ATP . This process spans four LUWs. The fi  rst LUW is the driving process which is creating the order and talking to the SAP GUI. The second is the RFC process created on SAP APO and tracked through the transaction identifi  er (trguid) exchanged between SAP ERP and SAP APO. The third is the booking process that asynchronously updated the database in SAP ERP following the order commit, and the fourth LUW is the asynchronous commit and database up-dates in SAP APO driven by the SAP ERP commit and transmitted over the queued core inter-face communication (CIF).\n",
      "SAP ER P\n",
      "Create first \n",
      "Sales OrderLUW1\n",
      "*) Saving of Sales Order\n",
      "triggers the Commit WorkInitialize \n",
      "(next order) Create next \n",
      "Sales Order\n",
      "ATP Che ck \n",
      "(next order)LUW1CIF-queu e= Start new LUW\n",
      "= End this LUWATP Che ck\n",
      "LUW3 Asynchronou s \n",
      "upda te task\n",
      "BAPI _TRANSACTION_COMMIT Commit \n",
      "Work *LUW2 \n",
      "Register  Transaction Commit  \n",
      "to be “Perform(ed) on commit”\n",
      "ERP\n",
      "APO\n",
      "LC\n",
      "APOLC\n",
      "LUW2 (TRGUID2)Write registered database updates to APO-db (technical tables)TRGUID = Transaction GUID\n",
      "POSGUID = Line Item GUID\n",
      "LUW = Logical Unit of Work\n",
      "TQA = Temporary Quantity Assignm.\n",
      "LC = SAP liveCache\n",
      "APO\n",
      "LUW4 \n",
      ".......Complete transaction update in SAP AP O \n",
      "and LC –convert TQA into order               \n",
      "reservations.LUW2 \n",
      "Register database update  \n",
      "to be “Perform(ed) on commit”SAP APO\n",
      "LUW2 (TRGUID 1)\n",
      "ATP-check in LCTQA created and \n",
      "commitedin LC directly (LDA)\n",
      "(POSGUID)\n",
      "Figure 6.1.2.2: Diagram of recoverable order creation process based on multiple logical units of work Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 22ATP test case\n",
      "In the proof of concept, the functionality of this order creation business process was the focal point for ATP verifi  cation. An order was opened and several line items confi  rmed through ATP , resulting in temporary quantities being reserved in SAP APO. Prior to the order being commited in the SAP ERP system, a component failure was initiated in the APO infrastructure, and further attempts to continue adding line items to the open order with ATP were made during the failo-ver activity. The target was to see whether the ERP side of the order process would fail or whe-ther is would be able to recover and complete the processing with APO.\n",
      "KPIs\n",
      "The ideal result is that the order process recovers and can continue, allowing the order to be completed. An acceptable result might be that the order must be reinitiated after a failure, but that the system must be available again for the next order within the recovery time set by the KPI. \n",
      "The current KPI for complete recovery is less than or equal to fi  ve minutes. This KPI was set by \n",
      "actual customer requirements.\n",
      "MaldivesStart\n",
      "Order\n",
      "Complete!Databa se fail ure!\n",
      "liveCache  Failure!\n",
      "Server Failure!ERPLC\n",
      "APO\n",
      "LC\n",
      "APOHaraldSAP ERP\n",
      "Create first \n",
      "Sales Order\n",
      "ATP checkLUW1\n",
      "*) Saving of SalesOrder\n",
      "triggers the Co mmit Work= Start new LUW LC =  SAP liveCache\n",
      "= End this LUW\n",
      "LUW2 \n",
      "Register  Transaction Commit  \n",
      "to be “Perform(ed) on commit”\n",
      "LUW3 Asynchronou s \n",
      "update task\n",
      "Initialize \n",
      "(next order) BAPI _TRANSACTION_COMMIT \n",
      "Create next \n",
      "Sales Order\n",
      "ATP Che ck \n",
      "(next order)LUW1Com mit \n",
      "Work *\n",
      "CIF-queuePer \n",
      "order \n",
      "line itemSAP AP O\n",
      "LUW2(TRGUID 1)\n",
      "ATP-Chec k in LCTQA created and \n",
      "commitedin LC directly (LDA)\n",
      "LUW2 \n",
      "Register dat abase update  \n",
      "to be “Perform(ed) on commit”(POS GUID)\n",
      "LUW2 (TRGUID 2)Write registered d atabase updates to SAP A PO-db\n",
      "(technical tables)\n",
      "APO\n",
      "LUW4 Com plete \n",
      "transaction update \n",
      "in SAP A PO and LC – \n",
      "convert TQA into \n",
      "order  \n",
      "reservations.\n",
      "Figure 6.1.2.3: Overview of the order creation process target for recoverability Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 236.2\t Summary\tof\tKPI\tresults\n",
      "The section summarizes the results that were actually achieved in the proof of concept as they \n",
      "relate to the key performance indicator goals. The results are grouped by application target and show the results of each of high-availability cluster components. The results for the high-availability hardware infrastructure are documented in the hardware section. The hardware infrastructure met its KPIs by demonstrating that failures in redundant hardware components were managed by the infrastructure design and these had no effect at ap -\n",
      "plication level – production continued without disruption or need for any recovery activity.\n",
      "6.2.1 Demand planning under load \n",
      "Formal PoC KPI: five minutes recovery of service\n",
      "Failure of HADR database: available in less than or equal to two minutes\n",
      "<1 m inBatch active\n",
      "Node failure –HADR 18:30:54\n",
      "DB2 HADR Recovered 18:31:47Batch cancelled:\n",
      "Batch restarted\n",
      "Figure 6.2.1.1: Recovery from DB2 failover after server crash\n",
      "Failure of SAP liveCache database: available in less than or equal to three minutes\n",
      "Batch active\n",
      "Node failure –SAP l iveCache\n",
      "liveCache Recovered  13:00:27Batch cancelled \n",
      "12:57:31\n",
      "Batch restarted \n",
      "13:00:403 min\n",
      "Figure 6.2.1.2: Recovery from SAP liveCache server failure\n",
      "The System Automation for Multiplatforms (SA MP) supported components (DB2 HADR and \n",
      "SAP CS) showed a faster reaction time then the PowerHA supported component (liveCache) as they are more tightly integrated with the SA MP cluster solution supporting them. In the cur -\n",
      "rent PowerHA cluster support, recognition of the loss and failover by the cluster takes somewhat longer then for the SA MP components, but remains well within the KPI. As the objective is reliability, a faster reaction time was not forced. The actual HotStandby takeover activity in SAP liveCache takes from a few seconds up to a minute, depending on the liveCache version.  The combined recovery time of liveCache and PowerHA was within the KPI. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 24Failure of SAP central services: Restored in less than two minutes\n",
      "Batch jobs in external batch application server do not fail but hang in enqueue wait until enqueue service is restored and then continue to run. The end-to-end runtime of the mass demand pl -\n",
      "anning run (for 896 seconds) was around one minute longer than the normal runtime (for 840 seconds) as result of the failover.\n",
      "Batch  active\n",
      "Node failure    \n",
      "SAP Central Services T akeo ver ~ 2 min\n",
      "Batch  survives \n",
      "Batch  completes~ 1 min longer run time than norma l\n",
      "Fig 6.2.1.3: Recovery of SAP message and enqueue server processes after server crash Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 256.2.2 Available to Promise\n",
      "SAP ERP\n",
      "Sales Order Entry\n",
      "1.Selec t a Product & Quantity\n",
      "2.Verify availabili tyATP and temporary quan tity reservation\n",
      "Confirm Order quantity –reserve TQSAP SCM\n",
      "Node failure  \n",
      "Comm it Temporary quantity reservations\n",
      "Service recovery  User gets  gateway  error \n",
      "User c an cont inue with \n",
      "consistent resu lts 1 –2 minConfi rm Order\n",
      "Figure 6.2.2.1: ATP recovery from SCM component failure\n",
      "KPI: five minutes recover to next order\n",
      "Current open order is not interrupted but is able to continue correctly to completion despite \n",
      "failover in the SAP APO infrastructure. Data integrity was achieved on both SAP APO and SAP ERP views of the completed order.\n",
      "Results\n",
      "Failure of HADR database:   Available in less than or equal to 2.5 minutes\n",
      "Failure of SAP liveCache database:  Available in less than or equal to 3 minutes\n",
      "Failure of SAP CS:    Available in less than or equal to 2 minutes Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 267 Design Components of the Infrastructure\n",
      "This chapter covers the overall design of the infrastructure used for the proof of concept and ex-\n",
      "plains the purpose of each component design. There are always many different approaches which can be taken to achieve a very similar result. The design presented, therefore, does not pretend to depict the only possible implementation route. In order to make it easier for other implemen-tation teams to modify the design, for reasons dictated by their own requirements, the team has tried to present the options, the choices made, and the reasons for the options selected.\n",
      "7.1\t Infrastructure\tscope\tand\tstack\n",
      "This section introduces the solution design, and maps the infrastructure components into the end to end design. It explains why the component stack used in the proof of concept was selected. No proof of concept can cover every eventuality and therefore it is important to defi  ne what was used, why it was selected, and what the dependencies are.\n",
      "Infrastructure solution stack\n",
      "DS800 0 SVCDB2 HA/DR        \n",
      "SAM PDB2 HA/DR \n",
      "PowerHASAP central services S AMP SCM  CS PowerHA\n",
      "SAP li veCache\n",
      "PowerHASAP li veCache\n",
      "PowerHAHeterogeneous stack Homogeneous Stack\n",
      "Figure 7.1.1: Overview of component stack\n",
      "The scope of this proof of concept addresses the cluster component combinations shown in fi  gu-re 7.1.1. SAP central services (replicated enqueue and message server failover) are supported by both cluster solutions (PowerHA and Tivoli SA MP) and are in production in many sites today. \n",
      "DB2 HADR and SAP central services are supported by Tivoli System Automation for Multiplat-\n",
      "forms in a close integration with SAP . SA MP is available as part of the installation kit for SAP software.\n",
      "PowerHA or IBM HACMP™ for AIX is a very mature AIX clustering solution that has been a \n",
      "standard in AIX-based SAP implementations for many years. Due to the fl  exibility of HACMP , and its longevity in the market, there are implementations in production for all SAP components that require high-availability functionality, including SAP central services and DB2 HADR.  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 27The target of this project is to address both cluster functionalities, and thereby support the major \n",
      "customer base, with the exception of SAP liveCache. The SAP liveCache solution is new and is a feature of AIX PowerHA (HACMP). Nevertheless, the SAP liveCache solution can be combined with the other building blocks using System Automation for Multiplatforms to build the comple -\n",
      "te HA stack in a heterogeneous environment. PowerHA can also be used to implement the entire stack in a homogenous environment. \n",
      "Both the homogeneous PowerHA stack and the heterogeneous SA MP with PowerHA stack is \n",
      "covered in this proof of concept.\n",
      "The IBM implementation of SAP liveCache with HotStandby is based on FlashCopy technology \n",
      "and initially supports the IBM storage servers DS8300 and San Volume Controller. The DS8300 is supported using its native interface and functionality directly. For other SAN storage, the SAN Volume Controller (SVC) provides the interface and offers additional flexibility and extended HA functionality. Via the SVC, any available SAN storage can be supported. With this initial combination it is possible to support the majority of the current SAP APO installed base in one way or the other with a high quality solution.  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 287.1.1 Logical landscape \n",
      "Figure 7.1.1.1 shows the logical landscape design used for the proof of concept. The high-availa-\n",
      "bility design is focused on the components dedicated to SAP SCM APO. File sharing is typically provided by a highly available Network File Server (NFS functionality) that provides generally for the systems within an SAP landscape rather than a single SAP system. There are a number of different highly available NFS solutions that are commonly in use. For this reason, the proof of concept assumes that an external HA NFS is available and shared by the SAP SCM system. Another common implementation design is to place the NFS fi  le systems under the control of the SAP central services cluster solution.\n",
      "CS IP Alias\n",
      "all/sapmnt\n",
      "/usr/sap\n",
      "/trans\n",
      "/archive\n",
      "./db2 \n",
      ".sapdbSaprouter\n",
      "3900\n",
      "NFSLandsc ape admin,  NIM & NFS\n",
      "SAP central services SAP central services\n",
      "database-primary database-standby\n",
      "SAP liveCache-master SAP liveCache-standbyDB2-A  HA/DR  EnQ, Msg\n",
      "HLC1a   liveCacheClient Network\n",
      "RFC\n",
      "Internal NetworkSAP E RP S ystem with \n",
      "ATP\n",
      "SAP S CM Batch Apps\n",
      "SAP S CM Batch Apps\n",
      "DB2-B  HA/DR  Rep ENQ, \n",
      "HLC2a   liveCache\n",
      "SAP SCM ClustersSAP SCM Clusters- Msg\n",
      "Figure 7.1.1.1: Overview of the logical landscape design with two networks and external NFS used for the proof of concept\n",
      "Best practices for SAP installations normally see a separation between the client network and the backbone network. The backbone network connects the components of an SAP landscape – ap-plication servers to the databases, SAP ERP to SAP APO and so on. The backbone networks are typically high-capacity networks with few hops. Separating the client network from the backbone is also done for security purposes; logged in users cannot directly access a database or a server. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 29The active SAP message server is reached through the IP Alias for the SAP central services clus -\n",
      "ter. The access between SAP ERP and SCM is by means of a remote function call (RFC) port, \n",
      "configured to the IP alias.  \n",
      "The SCM batch application server is not part of a cluster as applications servers do not repre -\n",
      "sent single points of failure. Multiple applications servers can be configured for online users and \n",
      "batch. For the proof of concept, a single large batch application server is used as a single server is sufficient to understand the effects of various failures on the batch load.\n",
      "7.1.2 Server infrastructure\n",
      "The infrastructure is based on IBM Power® servers using PowerVM to take advantage of the \n",
      "many benefits of this server infrastructure for HA. Both, POWER6 and POWER7 processor-based servers were used in the functional testing to ensure the solution for the current install base \n",
      "as well as for those SAP SCM systems moving to newer hardware. The proof of concept focused \n",
      "on the SAN Volume Controller for storage testing as the SAN Volume Controller provides a \n",
      "wider scope of functionality, and therefore, a broader scope, as well as the broader requirement for testing. \n",
      "In the proof of concept, the back-end SAN storage was provided by various IBM SAN storage \n",
      "systems including the IBM XIV\n",
      "® Storage System. The SAN Volume Controller was used to \n",
      " provide the FlashCopy functionality and the additional resiliency of storage mirroring across \n",
      "multiple storage servers. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 307.2\t High-availability\tinfrastructure\tdesign\ton\tPower\tservers\t–\tthe\tbasis\t\t\n",
      "This section describes the design of the hardware infrastructure used to achieve high availability \n",
      "though redundancy of I/O paths. The target is to avoid interruption to the application levels as far as possible, insofar as the hardware design can cover the failure. The infrastructure design is built using PowerVM virtual I/O to enable the actual redundancy in hardware components to be implemented one time and used by all upstream logical partitions (LPARs). This reduces the cost and complexity of the redundant hardware implementation.\n",
      "7.2.1 Design overview – storage  \n",
      "This design delivers redundant storage access paths such that any component of the access chain can fail without disruption to the application.\n",
      "Following design rules are used to ensure continuous availability Physical storage\n",
      "The actual storage provided through the storage server is configured using redundancy such as RAID, or other protection mechanisms which ensure availability despite the failure of physical disks. The proof of concept used both RAID5 in the enterprise storage servers (IBM System Sto -\n",
      "rage DS8300 systems) and data redundancy provided by the IBM XIV\n",
      "® Storage System. In either \n",
      "case, the failure of a single disk has no impact to the data availability.\n",
      "Storage server\n",
      "T o prevent data loss in case of the fail of a storage system, the data will be mirrored to two sto -\n",
      "rage systems. This functionality comes with the SAN Volume Controller.\n",
      "The disk from the storage systems will be grouped into two different managed disk groups (also \n",
      "called MDisk groups). The virtual disks were created as mirrored disks from both MDisk groups, so that the virtual disks are mirrored over two storage systems. In case of a storage system failure, the operation continues with the remaining copies.\n",
      "The SAN is divided into two fabrics and every storage component is connected to both fabrics. \n",
      "In case one fabric goes down, the traffic continues to flow over the other fabric.\n",
      "The SAN Volume Controller is a highly-available storage solution because it is a cluster of a mi -\n",
      "nimum of two nodes. In case one node fails, the second node takes over the traffic.There are two VIO Server partitions on each physical system, which are connected to both of the \n",
      "SAN fabrics. On the client partitions, the AIX integrated multipath I/O device driver takes over the path failover activities. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 31Parts of the storage layout in this design are:\n",
      "SAN\n",
      "VIO1 VIO2SAN\n",
      "LPARSVCStorage\n",
      "storage subsystems \n",
      "SAN fabricsSAN Volume Controller\n",
      "(implementing storage virtualization)\n",
      "VIO Server\n",
      "LPAR supporting the application\n",
      "Figure 7.2.1.1: Redundant I/O design for storage\n",
      "Figure 7.2.1.1 shows the logical stack that connects the logical partitions that house the appli-\n",
      "cations to the storage components that house the data. This stack is implemented using virtual I/O and redundant paths for high availability. The SAN fabric, which appears in two layers in the diagram, will normally be the same SAN fabric, although it need not be. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 327.2.2 Native storage design\n",
      "Design with one storage system\n",
      "In a native storage design with one storage subsystem, the disk storage is provided by one sto-rage system and the FlashCopy functionality is between LUNs (logical disks) located on a single storage server.\n",
      "SANVIO1 VIO2\n",
      "Storage1LPAR\n",
      "Figure 7.2.2.1: Overview of single storage server access\n",
      "In a “native storage design” (no SVC storage virtualization layer – disks directly attached to the virtual I/O servers)  with two storage servers, the mirroring of the disks from both storage sys-tems could be done at LPAR level with AIX logical volume mirroring (LVM).\n",
      "This can be done for the databases and other high-availability components, but not recommen-\n",
      "ded for SAP live Cache with Hot Standby. As the data in a Hot Standby is refreshed by means of a storage level FlashCopy, the OS level LVM would not see the refresh happen. Hot Standby, for direct attached disks, is based on FlashCopy within a single storage subsystem. The solution does not span two storage subsystems and is not able to initiate orchestrated FlashCopy over two sto-rage servers as would be necessary.  The solution is single storage server, single site only for SAP liveCache with HotStandby, which also means that the storage subsystem becomes a single point of failure. This challenge is solved with the San Volume Controller and storage virtualization.\n",
      "The disadvantage of a single storage subsystem implementation is that, in case of a storage server \n",
      "failure, both FlashCopy source and target are affected. This would have the greatest impact on the SAP liveCache as the HotStandby uses FlashCopy to generate the data redundancy. DB2 HADR is able to span storage servers at application level. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 33Design with two storage subsystems\n",
      "LPAR\n",
      "VIOS1 VIO2\n",
      "Storage2 Storage1SAN\n",
      "Figure 7.2.2.2: Overview of design spanning storage servers\n",
      "In a native storage design (without SAN Volume Controller storage virtualization layer), the \n",
      "disks are directly attached to the virtual I/O servers. This will allow data to be mirrored over two storage servers from the LPAR level using AIX Logical Volume Mirroring (LVM).This can be done for the databases and other HA components, but is not supported for the SAP liveCache with HotStandby. The HotStandby uses FlashCopy, and an implementation that spans multiple storage servers will require FlashCopy functionality that also spans multiple storage ser-vers. The HotStandby solution is not able to initiate an orchestrated FlashCopy over two storage servers as would be necessary. This functionality does not yet exist for direct attached disks, even through the VIOS virtualization layer. Therefore, for directly attached disks, the SAP liveCache solution is a single storage server and single site only with HotStandby. This challenge is solved with the SAN Volume Controller. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 347.2.3 Virtualization benefi  ts of SAN Volume Controller \n",
      "The SAN Volume Controller can attach to multiple storage subsystems and is able to mirror \n",
      "storage over multiple servers. As the SAN Volume Controller is also implemented as cluster for its own redundancy requirements, this solution will allow the critical storage components to be mirrored on multiple storage subsystems in multiple sites.\n",
      "The disadvantage of a native storage design can be overcome by the additional virtualization \n",
      "layer provided by the SAN Volume Controller. \n",
      "Figure 7.2.3.1 shows storage coming from multiple storage ser-\n",
      "vers. The storage has been organized into storage pools based \n",
      "on storage subsystem boundaries. The virtual disks that are \n",
      "presented to the VIO Servers are created in one storage pool \n",
      "and then mirrored to the second pool such that each copy is on \n",
      "a separate storage subsystem. The failure of a complete storage subsystem should not cause interruption to the application as the data is still available. Root volume groups and other opera-\n",
      "ting system level requirements must also be redundant in order \n",
      "for the LPAR to survive loss of access to a single storage sub-\n",
      "system. In the proof of concept, the operating system volumes were also mirrored across SVC storage pools.\n",
      "As the SAN Volume Controller is also the focal point for the \n",
      "FlashCopy activity, the FlashCopy will also be refl  ected in the \n",
      "copies without requiring any effort from the  SAP liveCache with HotStandby solution. A FlashCopy from source to target updates the target disk and if this disk is mirrored, then the \n",
      "mirror of the target disk is also updated.vscsi vscsiLPAR\n",
      "VIO1 VIO2\n",
      "SVC\n",
      "Storage1SANSAN\n",
      "Storage2\n",
      "Figure 7.2.3.1: Storage design with VIO and SAN Volume Controller (using virtual SCSI)\n",
      "The FlashCopy operations are performed with virtual disks so that the handling is easier and \n",
      "storage system independent from the FlashCopy level.\n",
      "Storage2 Storage1 Storage2 Storage1SVCFlash copy in SVC\n",
      "SANSANVIO Server VIO Serv er\n",
      "Figure 7.2.3.2: FlashCopy via the SAN Volume Controller Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 357.2.4 Virtual SCSI versus N Port-ID Virtualization (NPIV)  \n",
      "There are two different methods of distributing the disks from the storage system or the SAN \n",
      "Volume Controller over the VIO Server to the client LPARs.\n",
      "LPAR\n",
      "VIO1 VIO2\n",
      "SVC\n",
      "Storage2 Storage1SANSANvscsi vscsiVSCSI (virtualdisk)\n",
      "LPAR\n",
      "VIO1 VIO2\n",
      "SVC\n",
      "Storage2 Storage1NPIV (Virtual Adapter)\n",
      "SANSAN\n",
      "Figure 7.2.4.1: virtual disk or virtual adapter\n",
      "Until the advent of NPIV capabilities, virtual SCSI (VSCSI) was used. Using VSCSI, the disks from the storage subsystem are attached to the VIO Servers and mapped (using PowerVM func-tionality) as SCSI disks to the LPARs. In this confi  guration, the VIO Server provides the binding of the physical disk capacity provided by the storage server to the client LPAR.AIX Multi-Path I/O (MPIO) drivers on the client LPAR are used to recognize and manage the multiple access paths to each storage LUN.  In the case of dual VIO Servers, as depicted in fi  gure 21, there will be two paths to the same VSCSI disk (one per VIOS). \n",
      "The disadvantage of this design is the relatively complex handling – the mapping that must be \n",
      "confi  gured for each disk. Despite having two paths, access is not load balanced but will select a preferred path. \n",
      "One benefi  t of this confi  guration is that the zoning in the SAN is only between the storage ser-\n",
      "vers and the VIOS. The LPARs do not require specifi  c SAN zoning themselves. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 36With a new generation of FC controllers, new functionality can be used to implement this as -\n",
      "signment of disk to LPAR through VIOS using virtual fibre channel adapters; NPIV rather than \n",
      "VSCSI.\n",
      "The, N_Port ID Virtualization (NPIV) is a fibre channel functionality allowing multiple N_Port \n",
      "IDs to share a single physical N_Port. This allows multiple fibre channel initiators to occupy a single physical port.  \n",
      "With that the physical SAN can be extended over a virtual SAN and virtual FC adapters can be \n",
      "assigned to the client LPAR. The client LPAR can now directly access the storage subsystem and the disks can be assigned directly to the LPAR.  The advantage of this method is an easier assignment of disks to the client LPAR. All disks assig-ned to the virtual adapter address can be seen immediately by the LPAR – they do not need to be defined in VIOS. Additionally, this access method implements load balancing over the multiple paths, spreading the I/O over the virtual adapters and thereby over the multiple VIO Servers.\n",
      "For this solution, the LPARs must participate in the SAN zoning, which increases the zoning \n",
      "complexity to a certain extent.\n",
      "Using NPIV , the SDDPCM multi-path driver is recommended. The proof of concept on AIX \n",
      "6.1 used SDDPCM 2.6.03. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 377.2.5 Results of storage component failure\n",
      "T o verify the design’s ability to meet the application-level requirements, the following tests were \n",
      "done under application load (batch demand planning).\n",
      "Failure of a VIO Server\n",
      "The VIO Server LPAR may fail, or more likely, the VIO Server may require scheduled mainte-nance. This test was used to prove that a VIO Server can be stopped (or fail) without causing any disruption to the application. In this case, the partner VIO Server is expected to assume the load and continue in un-interrupted production.\n",
      "Result was a short I/O suspend of some seconds for the takeover and no impact on the  application.\n",
      "LPAR\n",
      "VIO1 VIO2\n",
      "SVC\n",
      "Storage2vscsi vscsi\n",
      "Storage1SANSAN\n",
      "Figure 7.2.5.1: Reaction to the failure of a VIO Server Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 38Failure of a SAN fabric or a FC controller\n",
      "A FC controller, SAN connection, and even a complete SAN switch can fail, or a section of the fabric may be removed for scheduled maintenance purposes. In such cases, the I/O should be rerouted through the red-undant path on each of the VIOS and the application should not be affected. The multipath environment should continue production I/O without interruption.\n",
      "The result for such a failure in the proof of concept \n",
      "was only a short I/O suspend of some seconds, with no impact to the Demand Planning application running in parallel batch.i\n",
      "SANvscsi vscs\n",
      "SANLPAR\n",
      "VIO1 VIO2\n",
      "SVC\n",
      "Figure 7.2.5.2: Reaction to the failure of a SAN switch or fabric component\n",
      "Failure of a complete storage systemIt may be possible that one of the storage systems might fail or might need to be stopped for maintenance purposes.In this case, the mirroring function of the SAN Volume Controller ensures that the data remains available and production can continue.\n",
      "i\n",
      "SANvscsi vscsi\n",
      "SANLPAR\n",
      "VIO1 VIO2\n",
      "SVC\n",
      "Figure 7.2.5.3: Reaction to a storage server failure in a mirrored storage design Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 397.2.6 Design overview – network\n",
      "The TCP/IP network design done for the high-availability infrastructure implements the same \n",
      "approach as was done in support of the storage area network. The dual VIO Servers provide red-undant paths from the LPARs to the network.\n",
      "The network is expected to consist of redundant switches, and each network adapter connected \n",
      "to a different switch. With this confi  guration, a switch, a cable, an adapter and even a VIO Server can fail without disrupting network access for the application.\n",
      "HypervisorDB HADR SAP central services\n",
      "SAP liv eCache\n",
      "VIOS1\n",
      "VIOS2HypervisorHypervisorHypervisorDB HADR SAP central services\n",
      "SAP liv eCache\n",
      "VIOS1\n",
      "VIOS2WAN\n",
      "Back-\n",
      "bone\n",
      "Figure: 7.2.6.1 Overview of the logical network\n",
      "The network connection for the systems is provided by two networks, one internal (SAP back-bone network) and the other external (maintenance network). The maintenance network is protected from external access through a fi  rewall, and is used for administration access and for backup traffi  c.\n",
      "Both, the internal and the external networks are routed within the Power systems through the \n",
      "IBM Power Hypervisor as virtual networks. These two virtual networks are connected to the virtual networks on the second Power system over a physical connection to the network switches. In this case, when all primary servers are on one machine, all application traffi  c is routed through virtual network and the hypervisor. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 40If a component fails and its service is moved to the standby servers on the second Power system, \n",
      "traffi  c between the application components will then transverse the physical network as well.\n",
      "LPARLPAR\n",
      "LPARLPARVIO1 VIO2ExternalNetwork\n",
      "Backbone Network\n",
      "LPARLPAR\n",
      "LPARLPARVIO1 VIO2\n",
      "System 1 System 2\n",
      "Figure 7.2.6.2: Internal and external network design over Hypervisor Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 41Design for shared Ethernet adapter failover\n",
      "Company EthernetVIO1 VIO2\n",
      "Control\n",
      "ConnectionLPAR\n",
      "VirtualEthernet\n",
      "Dual Path\n",
      "Figure 7.2.6.3: Multiple paths for the virtual Ethernet\n",
      "The LPAR automatically recognizes a virtual Ethernet adapter in the same way as it a physical \n",
      "Ethernet adapter. In the view of the application levels above, the virtual adapter is a physical ad -\n",
      "apter. A virtual adapter however has the benefit of providing multiple paths over the VIO Servers and over more than one physical adapter. This virtual Ethernet is connected through both VIO Servers and therefore it has two paths. On each of the VIO Servers there is a bridging device between the virtual and a physical Ethernet. This bridging device, also called a shared ethernet adapter (SEA), is set up as a failover SEA and a control connection is created between the two VIO Servers. The control connection coordinates the failover response.\n",
      "A priority is assigned to each the SEA, so there is a primary and a secondary SEA. In normal \n",
      "operations, the traffic goes over the primary SEA and in case of a failure; the secondary SEA will take over. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 42Design with network interface backup in the client partition\n",
      "An alternative method for an Ethernet connection through two VIO Servers is the network interface backup in the client partition. In this case, two virtual Ethernets are created, one per VIO Server. These two virtual networks both have a connection port to the client LPAR and the LPAR sees two Ethernet interfaces. The client LPAR uses two virtual Ethernet adapters to create a network link that consists of one primary adapter and one backup adapter, the same method as used to bundle physical adapters in the past.\n",
      "The interface is defined on the network link. If the primary adapter becomes unavailable, the \n",
      "network interface backup switches to the backup adapter. The failover action takes place on the LPAR in this implementation rather than at VIO level. This method makes the network configu -\n",
      "ration somewhat more complicated, and as also only one network path is used at any given time (no load balancing), it provides no obvious advantage to the SEA failover. \n",
      "For this reason, the simple SEA solution was selected for the proof of concept.\n",
      "Company EthernetVIO1 VIO2LPAR\n",
      "2 Virtual EthernetNetwork Link\n",
      "Each single path\n",
      "Figure 7.2.6.4: Multiple paths using link aggregation \n",
      "For the proof of concept it is beneficial that the load is either following one route or the other, \n",
      "but not load sharing over both. This makes the response to a failure easier to track and the shift of load from a failed path to a failover path easier to depict. A consideration for high-availability system, however, would be the effect of the consolidated data volume following a failover. If load balancing were active in the normal state, then a failure of a path would reduce the available capacity by half which may have unpredictable results on the application behavior. The volume would suddenly be all focused over one path. If the system is always working with one path or the other, then a bottleneck in capacity will be visible and need to be addressed, but it will not be hidden. A failover will not change the behavior in any unexpected way, which could be the case when the normal production capacity is suddenly halved. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 437.2.7 Results of a network component failure \n",
      "The following tests executed in the proof of concept to verify the stability of this solution. In \n",
      "each case, the application continued operations without interruption to any of the high-avai -\n",
      "lability cluster pairs, without disruption to the (heartbeats) or between the components of the SAP systems (application server to databases). The 16 batch demand planning load was used for verification. \n",
      "Control\n",
      "Connection\n",
      "Company  EthernetControl\n",
      "Connection\n",
      "Company  EthernetLPAR\n",
      "Virtual Ethernet\n",
      "VIO1 VIO2Failure of a VIO ServerThere are possibilities for VIO Server to fail or a planned downtime to occur.\n",
      "The SEA of the second VIO Server is informed over the \n",
      "control connection that the partner SEA is not operating and takes over the function.\n",
      "In these tests, the failover was so fast; we were unable to mea -\n",
      "sure any outage of the network connection. The tools used are \n",
      "limited to one-second intervals.\n",
      "Figure 7.2.7.1: Failure of a VIO Server\n",
      "Control\n",
      "Connection\n",
      "Company  EthernetControl\n",
      "Connection\n",
      "Company  EthernetLPAR\n",
      "Virtual Ethernet\n",
      "VIO1 VIO2Fail of a Physical Network ComponentA physical network component, such as a switch or a cable connection of the physical network can fail. In such a case, the SEA of the second VIO Server is informed through the con-trol connection that the SEA on the partner is not functioning and takes over the service.\n",
      "Figure 7.2.7.2: Failure of a network fabric component Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 44Test results\n",
      "The next few graphics show the results from some of the VIO Server failure tests. The red lines \n",
      "show the point of failure and the green lines show the return of the VIO Server. These graphs come from NMON\n",
      "4 measurements done for a time interval of fi  ve seconds. These graphs in fi  -\n",
      "gure 7.2.7.3 show the view of ongoing activities as seen from the HADR primary database LPAR.\n",
      "Figure 7.2.7.3: NMON views of I/O component failover\n",
      "Failure of a VIO Server with the active network connectionThe disk activity graph, in fi  gure 7.2.7.3, shows that the disk I/O stalled for a few seconds after the failure, before I/O service was recovered. There was no interruption to application produc-tion which was running demand planning batch jobs.\n",
      "The network traffi  c (network I/O graph) drops because this traffi  c is driven by the application \n",
      "and if the application is waiting on disk I/O, it does not generate network traffi  c. However, the network traffi  c did not actually stop at any time. \n",
      "4 NMON is a performance measurement and recording took that is native on AIX. It records a large number of system metrics at set intervals and provides an spreadsheet analysis tool. One highlight of NMON is its ability to graph multiple metrics across the same time axis. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 45Failure of a SAN fabric in the NPIV environment\n",
      "The proof of concept tested the high-availability design for both virtual SCSI and for NPIV . Figure 7.2.7.4 shows NMON graphs taken from a SAN fabric failure when using NPIV for disk I/O. The fi  rst two graphs are a view from the DB2 HADR primary database LPAR showing a similar behavior as seen in the virtual SCSI environment for a VIO failure. The fi  rst graph, disk total, shows that a short suspend occurs in disk I/O during failover. The second graph, network I/O, shows that the impact on the disk I/O is seen as a visible drop in network activity.\n",
      "Figure 7.2.7.4: VIO Server failure results with NPIV – as seen from NMON\n",
      "The fi  nal graph in fi  gure 7.2.7.4 shows the view from a VIO Server with NPIV . This represents a SAN fabric failure (actually the device cable to the SAN was disconnected). Prior to the failure, the VIO Server is distributing load over both the NPIV adapters using load balancing. At the point of failure, after a short delay, the total traffi  c level is seen to have switched to the remaining active NPIV adapter path.  The I/O load remains the same, it is simply all routed over the single remaining path from this VIO Server. After restoring the failed component, (replacing the cable), the traffi  c is automatically resumed over both adapter paths. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 467.2.8 Lessons learned during the implementation \n",
      "Incorrect disk attributes for VSCSI disk\n",
      "If you have set up disk access through two VIO Servers using VSCSI MPIO to an AIX LPAR, \n",
      "then you need to make some changes to your hdisks because the operating systems sets up the MPIO  incorrectly.\n",
      "With the default settings, if the paths do not automatically reconnect through the second route \n",
      "following a VIO failure, ensure that the hcheck_interval and hcheck_mode are set correctly:Example for default hdisk0 settings:\n",
      "# lsattr -El hdisk0\n",
      "PCM   PCM/friend/vscsi Path Control Module    False\n",
      "algorithm  fail_over  Algorithm     True\n",
      "hcheck_cmd  test_unit_rdy  Health Check Command   True\n",
      "hcheck_interval 60   Health Check Interval    True\n",
      "hcheck_mode  nonactive  Health Check Mode    True\n",
      "max_transfer  0x40000  Maximum TRANSFER Size   True\n",
      "pvid   00cd1e7cb226343b0000000000000000 Physical volume identifier False\n",
      "queue_depth  3   Queue DEPTH    True\n",
      "reserve_policy  no_reserve   Reserve Policy     True\n",
      "IBM recommends a value of 60 for check_interval and hcheck_mode should be set to nonactive. \n",
      "Normally nonactive is the default but this setting should be verified.\n",
      "T o change these values (if necessary):\n",
      " # chdev -l hdisk0 -a hcheck_interval=60 -P\n",
      " # chdev -l hdisk0 -a hcheck_mode=nonactive –P\n",
      "You need to reboot for automatic path recovery to take effect.\n",
      "If the check_interval and hcheck_mode are not set as described, or no reboot has been done since \n",
      "the change, you are likely to experience the following error even after the failed path is back online:\n",
      "# lspath\n",
      " Enabled hdisk0 vscsi0\n",
      " Failed  hdisk0 vscsi1\n",
      "In this case the situation has to be fixed manually using the following commands: # chpath -l hdisk0 -p vscsi1 -s disable\n",
      " # chpath -l hdisk0 -p vscsi1 -s enable Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 47Rechecking the status now should show:\n",
      "# lspath\n",
      " Enabled hdisk0 vscsi0\n",
      " Enabled hdisk0 vscsi1\n",
      "Duplicate WWN for NPIV\n",
      "When a NPIV adapter is created, the system assigns two worldwide network (WWN) addresses to this adapter.\n",
      "You can see the both WWNs on the attributes page of the virtual FC adapter on the Hardware \n",
      "Management Console (HMC).\n",
      "Figure 7.2.8.1: HMC view of NPIV properties\n",
      "On the SAN infrastructure only one of the WWNs of the adapter is visible and active. The second WWN is needed for live partition mobility (LPM)\n",
      "5. On the destination LPAR, the \n",
      "second WWN will be activated during a LPM operation.\n",
      "If LPM is in plan, it is necessary that the second invisible WWN is also defined in the SAN zo -\n",
      "ning between the host and storage subsystem. Otherwise LPM will not work correctly.\n",
      "5 IBM PowerVM provides the functionality to move an active LPAR between Power servers. This functionality is \n",
      "based on VIO and is controlled by the hardware management console (HMC). The LPAR being moved must take \n",
      "its I/O access with it and therefore virtual adapters must also support mobility. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 48Disk access failures on VIO Server\n",
      "There are two attributes that should be set to allow both VIO Servers to access disks that are \n",
      "assigned to both. Otherwise access from the second VIO Server will result in errors.\n",
      "The following attributes should be set, per hdisk, to enable access from both VIO Servers:\n",
      "reserve_policy=no_reserve and algorithm=round_robin\n",
      "The attributes can be set as follows:\n",
      " chdev -dev hdisk0 -attr reserve_policy=no_reserve\n",
      " chdev -dev hdisk0 -attr algorithm=round_robin\n",
      "7.2.9 A note on network and domain name server (DNS)\n",
      "In a highly reactive cluster environment, the domain name server can become a single point of failure. As the IP information is critical to the cluster success, and a long DNS search can cause problems with the cluster behavior, the cluster IP information is maintained locally. The DNS is configured to first use the local and then follow the DNS search path. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 497.3\t Tivoli\tclustering\t–\tTivoli\tSystem\tAutomation\tfor\tMultiPlatforms\n",
      "This section covers the functionality and design overview of the Tivoli clustering software used \n",
      "for both DB2 HADR and the SAP central services in the proof of concept. \n",
      "7.3.1 Introduction to Tivoli System Automation for Multiplatforms\n",
      "The minimal target for a clustering solution in this mission-critical SAP SCM software was a recovery time of less than five minutes for the service supported for any component, and appli -\n",
      "cation data consistency in the case of database failover. The methodology used in this proof of concept was to go beyond the functionality tests, and rigorously test the solution behavior under typical application load.\n",
      "In this proof of concept, using the general best practices, the test team easily achieved recovery \n",
      "times that range from one to two minutes under load conditions (massive parallel demand plan -\n",
      "ning) and have proven data consistency after failover for both batch demand planning and the cross-system transactional ATP checks. \n",
      "IBM Tivoli System Automation for Multiplatforms (Tivoli SA MP) was used as the clustering \n",
      "software and IBM DB2 HADR was the database cluster solution providing an ultrafast failover. What made Tivoli SA MP so compelling in our project was the “out-of-the-box”\n",
      "6 integration \n",
      "with DB2 HADR on the one hand and the predefined polices for SAP central services on the other. SAP and IBM DB2 development teams work closely together to enhance the integration of DB2 HADR/Tivoli SA MP and SAP software to make this an easy to use high-availability solution. With the SAP cluster setup tool (SAP Note 960843) for the database cluster and the Tivoli SA MP policies for the SAP central services cluster, the test team was able to set up and customize the cluster in a very short time. \n",
      "Main components\n",
      "The main components of the clustering software were Tivoli SA MP and the reliable scalable cluster technology (RSCT) software products from AIX. Tivoli SA MP is built on top of the inf-rastructure that RSCT provides on the operating system level to automate the switching of users, applications, and databases. Tivoli SA MP was used to automate the takeover of the database cluster by switching the role of primary DB2 HADR database from Host A to Host B, including the relocation of the service IP address. The service IP address is the access point for the SAP disp+work processes to access the database. It is therefore essential that this IP address follows the active database instance during a failover. On the application side an additional layer of high availability was introduced: the DB2 replica -\n",
      "tion feature (HADR), for an ultrafast database takeover. HADR does this with an active /semi-active concept of two identical databases that are kept in synchronization through log record shipping, and both the databases are online at the same time. One is the primary and the other the standby database.\n",
      "6 Tivoli SA MP support for DB2 HADR, with installation methods and supported policies, is integrated into the \n",
      "installation kits for SAP software and delivered as part of the product under an OEM agreement. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 50From the network side all internal cluster communication, such as IP heartbeat, network tiebrea-\n",
      "ker, and log record shipping have been routed through the internal network to shield the databa-se from unauthorized access by end users.en1 \n",
      "DB2 HADR Primary Service IP  \n",
      "en1 Service IP  \n",
      " \n",
      " \n",
      "IP Heartbeat \n",
      "Network T iebreaker \n",
      "Log Record Shipping SA MP/RSCT  Backbone Network \n",
      "vscsi npiv \n",
      "Disk heartbeat \n",
      "SA MP/RSCT  \n",
      "DB2 HADR \n",
      "Primary Service IP  \n",
      "DB2  Instance DB2  Instance Host A  Host B \n",
      "DB2 Database \n",
      "Primary DB2 Database \n",
      "Standby SAP SCM \n",
      "App Server \n",
      "Official hostname  \n",
      "Rotating fallover IP  \n",
      "address \n",
      "Figure 7.3.1.1: Components of the database cluster\n",
      "7.4 Tivoli clustering concept for ABAP Database\n",
      "This section describes the functionality of the highly available DB2 database and how it benefi  ts \n",
      "the end-to-end solution design.\n",
      "7.4.1 IBM DB2 HADR \n",
      "During implementation, the test team used IBM DB2 for AIX with the replication feature: HADR provides a high-availability solution for both, partial and complete site failures. SAP customers that purchased IBM DB2 from SAP via OEM\n",
      "7 can use this feature at no cost as it is \n",
      "an integral part of the database engine, which provides greater protection and higher availability then a traditional failover. Each of the database instances has their own data and logs – there is no data sharing. This is an additional benefi  t for high availability. \n",
      "Another important fact is that \n",
      "the HADR cluster can span two sites for a disaster recovery scenario.\n",
      "7 OEM = original equipement manufacturer Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 51Without the HADR feature, the database high-availability design would be based on a mecha-\n",
      "nism to move the database to the surviving side, implying a cold start of the database which will increase the overall recovery times (traditional failover scenario). Whereas with HADR the standby database is already active, all database buffers are already fi  lled, thus providing an extre-mely quick failover.\n",
      "The primary server is the location of the source database and provides the active database service.  \n",
      "As transactions are processed on the source database server, database log records are automati-cally shipped to the secondary server. The test team cloned the standby database from the source database through an offl  ine backup or a FlashCopy through the SAN Volume Controller level. When HADR is started, log records are captured on the primary database and sent to the secon-dary database. After receiving, they are replayed on the secondary database. Through continuous replay of the log records, the secondary database keeps an in-sync replica of the primary database and acts as a standby database.\n",
      "Application\n",
      "DB2 Engine\n",
      "Tables\n",
      "Indexesnew\n",
      "logsold\n",
      "logsTables\n",
      "IndexesTables\n",
      "IndexesTables\n",
      "Indexesnew\n",
      "logsold\n",
      "logsHADR HADRSTANDBY SERVER PRIMARY SERVER\n",
      "Replay Master\n",
      "Shredder\n",
      "Redo Master\n",
      "Redo WorkersAlternate Connection\n",
      "(failover, client reroute)\n",
      "Primary Connection\n",
      "log writer log reader log readerLog BufferDB2 Engine\n",
      "Log Buffer\n",
      "Figure 7.4.1.1: IBM DB2 HADR principles\n",
      "Level of data protection\n",
      "HADR offers three levels of protection to prevent potential loss of data: \n",
      "• Synchronous mode\n",
      "• Near-synchronous mode\n",
      "• Asynchronous mode\n",
      "Synchronous mode offers the best protection of data at the expense of performance. As the com-mit is not written before, the primary receives acknowledgment that the secondary has applied the log records. The asynchronous mode gives less protection, and in this mode, the log write and send actions are performed in parallel, but the primary does not wait for an acknowledgment from the standby. Therefore network delay is not an issue. This is the reason why this mode is well suited for WAN application. SAP and IBM recommend using the near-synchronous mode  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 52as it combines the advantages of both by providing nearly the same data protection as the syn-\n",
      "chronous mode and the overhead on the network is minimal. In the near-synchronous mode, the primary writes and sends log pages in parallel and waits for an acknowledgement from the stand-by before issuing the commit. The standby then sends the acknowledgement after applying the log records to the log buffer. \n",
      "HADRTCP/IP Socket\n",
      "Asynchronous\n",
      "Near-Synchronous\n",
      "Synchronoussend()\n",
      "receive()HADRSTANDBY SERVER PRIMARY SERVER\n",
      "new\n",
      "logsnew\n",
      "logslog writer\n",
      "Commit\n",
      "succeededlog writer\n",
      "Figure 7.4.1.2: HADR Synchronization modes\n",
      "IBM DB2 high-availability feature \n",
      "With the SAP cluster setup tool, sapdb2cluster.sh the DB2 high-availability feature can easily be deployed in an SAP DB2 HADR environment using IBM Tivoli SA MP . Through the strong integration of Tivoli SA MP with DB2, the test team was are able to manage the database cluster either with Tivoli SA MP cluster or with native DB2 HADR commands, such as db2 takeover, db2 start hadr, or stop hadr. This is a big relief in daily operation for the DB2 database adminis-trators who are more familiar with the DB2 syntax. Due to the tight integration of DB2 HADR with the SAP software, SAP customers also the option to start and stop DB2/HADR by using the startsap and stopsap commands instead. This provides further simplifi  cation of operating the HADR cluster. The SAP script handles the start and stop sequence for the HADR cluster under the covers.\n",
      "Hardware and software requirements\n",
      "The following prerequisites are necessary for implementing IBM DB2 HADR: \n",
      "a) Same database name for primary and standby database (SID)b) Same operating system and DB2 levels. (This rule can be violated for the DB2 level/\n",
      "OS system for a short time during a rolling upgrade.) \n",
      "c) High-speed backbone IP network between database nodes appropriate to the applica-\n",
      "tion load \n",
      "d) Identical table spaces and containers  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 53T o accelerate the catch-up process, the log archive device for the primary and standby databases\n",
      "were shared by using NFS mounts for the archive logs, in addition to the SAP shared directories/usr/sap/trans and /sapmnt. This allows a single high-capacity network connection for NFS toserve the SAP needs, the archive needs, and the recovery needs.\n",
      "In an HADR environment, both the database servers need the same hardware resource for op -\n",
      "timal performance.  The proof of concept used Power virtualization methods to prioritize the \n",
      "processor resource distribution. This priority schema ensures that the necessary resources are dynamically redistributed according to requirements and the role of the components in the SAP SCM system. A cluster component will have very high priority, and can be sure that the proces-sor resources it needs for recovery will be available within 10 milliseconds, as nothing has higher priority than recovery of the production services.\n",
      "In this way the test team avoided the congested HADR state. Congestion occurs when the stand -\n",
      "by is unable to keep up with the transaction load generated by the primary, which causes the \n",
      "standby to fall behind or the performance of the primary to degrade.  \n",
      "The graphs in figure 7.4.1.3 and figure 7.4.1.4 depict the number of commits written by the \n",
      "application on the primary and the log gap (in kilobyte) between the primary and the standby databases resulting from a demand planning batch run. The demand planning application issues commits on a frequent basis which forces the primary to write the log records to disk and send them to the secondary in parallel (near-synchronous mode).  The frequent commit rate keeps the log gap small. The log gap shows the difference between the primary log sequence number (LSN) and the standby log LSN. The relatively low log gap and the fast takeover times are an indicator that the standby was capable to apply the log files fast enough to keep this gap very small. The test team has not seen any evidence that the commits are slowing down on the prima -\n",
      "ry which would have been the case if the standby was not capable of keeping pace in applying the log file. \n",
      "Another aspect which arises in failover situation is the shift in processing capacity requirements. \n",
      "The new primary database needs adequate resources to service the client applications – more re -\n",
      "sources than it required as a standby. During the tests, the test team did not encounter any signs of congested state or performance degradation when moving from one to the other database ser -\n",
      "ver. In this implementation, PowerVM was used to ensure the necessary availability of processor capacity. \n",
      "During the demand planning batch runs, the standby consumed around 50 percent less processor \n",
      "power then the primary, and has nearly the same memory requirements (12 percent less than the primary). The log record shipping generates additional load over the network, therefore net -\n",
      "work throughput is another key performance focal area in an HADR implementation. The Gbit Ethernet in the proof of concept scenario was sufficient for throughput/performance.  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 54\n",
      "Figure 7.4.1.3: Primary database number of commits during Demand Planning batch run\n",
      "Figure 7.4.1.4: Secondary database log gap in KB during Demand Planning batch run Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 557.4.2 Automate IBM DB2 HADR cluster with Tivoli SA MP\n",
      "With IBM DB2 HADR alone it is not possible to automate the failover of the database or the \n",
      "migration of the service IP address. This is where Tivoli SA MP comes into play. Tivoli automa-tes the failover and offers cluster support. In setting up the cluster automation the test team used the SAP cluster setup tool, sapdb2cluster.sh, which defi  nes the SA MP resources as well as setting up the HADR defi  nitions for the database by invoking the DB2 high-availability instance confi  -guration utility (db2haicu). \n",
      "This section describes in more details how DB2 HADR was implemented with Tivoli SA MP \n",
      "based on a best practices. Figure 7.4.2.1 illustrates the cluster layout.\n",
      " \n",
      "NFS Server \n",
      " \n",
      " \n",
      "  \n",
      " \n",
      " \n",
      " \n",
      "  \n",
      " \n",
      " \n",
      " \n",
      "  \n",
      " \n",
      "WAN Development & Maintenance \n",
      "Backbone Network \n",
      "en0 en1 \n",
      "/sapmnt/ \n",
      "/usr/sap/trans \n",
      "/archive_logs \n",
      "Disk  \n",
      "Heartbeat en0 en1 \n",
      "Tivoli SA  MP \n",
      "RSCT Host A Host B Host C \n",
      "DB2 HADR Primary Service IP  \n",
      "DB2 Instance   \n",
      "  \n",
      " \n",
      " \n",
      " \n",
      "  \n",
      " \n",
      " \n",
      " \n",
      "  \n",
      " DB2 HADR \n",
      "Standby Service IP  en1 en0 \n",
      "Primary \n",
      "Database \n",
      "Standby \n",
      "Database DB2 HADR \n",
      "Standby \n",
      "Service I PTivoli SA  MP \n",
      "RSCT \n",
      "DB2 HADR \n",
      " Cluster IP Heartbeat \n",
      "IP Tiebreaker \n",
      "NFS Log record shipping \n",
      "Database connections \n",
      "RFC Calls  \n",
      "DB2 Instance   Backup Admin IP Heartbeat \n",
      " \n",
      "Figure 7.4.2.1: Layout – IBM DB2 HADR – Tivoli SA MP Cluster\n",
      "Two-node scenario \n",
      "Setup of a two-node cluster required the use of a tiebreaker to avoid a split brain situation. The following section describes the concept of a tiebreaker and the reason for the decision to use a network tiebreaker together with disk heartbeat functionality. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 56Network tiebreaker and disk heartbeat\n",
      "An even number of nodes (two nodes) implementation always requires a tiebreaker to solve a \n",
      "split-brain situation. A split brain can occur when all private links go down simultaneously, but the nodes still remain active. If this happens, the cluster service cannot detect the problem, it might be that the either the nodes or the network is down. In this situation, to prevent each node in the cluster staring services that the other node is still running, a tiebreaker resource will be called which can help decide which node is allowed to run critical resources and gains the ope -\n",
      "rational quorum. If the node with service IP loses the competition for the tiebreaker, it will be immediately rebooted, and the resource will be moved to the winning node. There are four main groups of tie breakers in Tivoli SA MP: disk tiebreaker (most secure), network tiebreaker (easy to implement), operator tiebreaker (manual intervention by an operator) and an additional node (hardware/software/maintenance overhead).\n",
      "The test team wanted to combine the diagnosis routes of the disk and network tiebreaker, but \n",
      "they cannot be used together. Therefore, the team decided for the network tiebreaker against the disk tie breaker because it is easy to implement, has no hardware dependencies, and evaluates the availability of communication. T o overcome the downsides of the network tiebreaker, the recommendation was to add the relatively new functionality of the disk heartbeat (available since Tivoli SA MP 3.1.0.7 / 3.2.0.0). In cases where all IP network connections fail, the disk heartbeat decreases the chances of a cluster split because it is able to distinguish between a network and a node failure. With this solution, the team achieved faster failover times of approximately 30 seconds in case of a network error on the node that holds the service IP address. This is because, the network tiebreaker was not needed to resolve this error as the disk heartbeat was sufficient, and therefore there a reboot of the node was avoided. \n",
      "The team followed the rules for implementing the network tiebreaker and used the gateway \n",
      "router in the same subnet for the network tiebreaker ensuring that there is only one hop between each node in the cluster and the tie-breaker. The node that acts as the network tie breaker also appears as the NFS server and SAP Router in the proof of concept configuration.\n",
      "Network considerations\n",
      "The team implemented the traditional protection of SAP systems from direct client access by shielding the SAP system, including the database resources from the client network. The back -\n",
      "bone network covers all traffic between the database and the SAP application servers and SAP central services including intersystem communication, such as RFC and CIF calls. The SAP router node acts as the gateway between the client and the backbone network for network traf -\n",
      "fic generated by SAP GUI communication. All DB2 HADR communication routes (i.e. for log record shipping) were defined through the backbone network. On the Tivoli SA MP side, the network tiebreaker and the IP Alias were configured over the backbone network. The Tivoli SA MP IP heartbeat uses all available networks.\n",
      "Global directories, such as the DB2 archive logs, /sapmnt and /usr/sap/trans, also use NFS \n",
      "through the backbone network. Primary and standby database have access to the same archive log directory through the backbone NFS. The administration system supporting the SAP router also acted as the NFS server in this scenario. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 57IP Alias\n",
      "In the literature, the terms virtual IP address and IP alias are used interchangeably, therefore, in \n",
      "this document the team agreed to use the term, IP alias.\n",
      "We have used the concept of IP alias to enable the SAP services (such as message/enqueue ser -\n",
      "ver, dispatcher, and so on) to automatically reconnect to the new primary database in case of a \n",
      "failover without being restarted. SAP fully supports IP alias takeover and also includes automatic reconnect features. The virtual host name is a reference on the DNS server or to the IP Alias in the /etc/hosts files. For more details, refer to the information on DNS in chapter 7.2 of this proof of concept.\n",
      "In this case, the IP alias was defined as an additional stack on the en1 adapter (backbone net -\n",
      "work) and the virtual hostname was provided to sapinst as a start parameter: SAPINST_USE_\n",
      "HOSTNAME=<virtual hostname>. Also the cluster setup executed with the sapdb2cluster.sh script was done with the virtual hostname (DB2_HA_HOSTNAME) and IP Alias (DB2_HA_IP_ADDRESS). Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 58Mapping DB2 HADR components to Tivoli SA MP resources\n",
      "Figure 7.4.2.2 shows the mapping of the DB2 HADR components, including the IP alias, to Ti-\n",
      "voli SA MP resources. All resource defi  nitions have been done with the sapdb2cluster.sh script. \n",
      "DB2 HADR Resource Group:\n",
      "db2_db2sc2-db2sc2_SC2-rg\n",
      "Floating Resource:\n",
      "DB Name: sc2\n",
      "db2_db2sc2_db2sc2_SC2-rs\n",
      "Floating Resource:\n",
      "db2ip_10_1_1_200-rs\n",
      "DB2 Resource Group:\n",
      "Instance: db2sc2\n",
      "Host: B\n",
      "db2_db2sc2_is04d2i_0-rgDB2 Resource Group:\n",
      "Instance: db2sc2\n",
      "Host: A\n",
      "db2_db2sc2_is03d2i_0-rgDB2 HADR\n",
      "Service IP Service IP\n",
      "NIC Name: en1\n",
      "Backbone\n",
      "networkNIC Name: en1DB2 HADR\n",
      "db2_db2sc2_is03d2i-rs db2_db2sc2_is04d2i-rs\n",
      "Network Equivalency Group\n",
      "en1 en1Host A Host B\n",
      "Figure 7.4.2.2: Mapping DB2 HADR components to the Tivoli SA MP resources\n",
      "The DB2 HADR cluster and IP alias form one DB2 HADR resource group and are defi  ned as fl  oating resources. A fl  oating resource can be moved between the nodes. Service IP represents the IP alias, the access point to the active database. In the case of a takeover, the service IP and the HADR role (primary) will be moved to the other cluster node. The DB2 instances on both the nodes are defi  ned in the DB2 resource groups as fi  xed resources. Fixed resources are bound to one node. \n",
      "It is important to understand the difference between the DB2 resources used for the DB2 in-\n",
      "stances and the DB2 HADR resource used for the DB2 HADR database. The DB2 resources are used to keep the instances online on their local nodes – for example, instance db2sc2 on \n",
      "Host A and instance db2sc2 on Host B. This is necessary in a DB2 HADR confi  guration because both sides of the HADR pair need to be online for normal operation. It is not necessary to failo-ver the DB2 resource group containing the db2 instance (db2sc2) from Host A to Host B or vice versa. Assume that db2sc2 is the primary instance for the database SC2. If the cluster node Host A goes down, the DB2 HADR resource is used to issue a TAKEOVER command on the databa-se SC2 on the standby instance db2inst2 on Host B. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 59Network equivalencies define on which network interface controller (NIC) i.e. the Service IP \n",
      "will be activated. Therefore, it is necessary to define a network equivalency group so that Tivo-li SA MP is notified of NIC failures from the RSCT subsystem. An equivalency is similar to a resource group except that all its members will be of the same class (for example, IBM.Networ -\n",
      "kInterface in this case). \n",
      "A DependsOn relationship between the service IP and the network equivalency was defined to \n",
      "ensure that the resource (service IP) is started only when the target (NIC) is online. It includes an implicit collocation (the service IP is started at the same node as the NIC) and a force down behavior (if NIC fails, service IP is stopped). In this case, both the nodes have the NIC in the same network, and therefore, in case of NIC failure, the group is placed offline on the current node and moved to one that still has active NICs in the required equivalencies or networks. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 607.5\t Tivoli\tclustering\tfor\tSAP\tcentral\tservices\tfor\tABAP\t(ASCS\tinstance)\n",
      "This section describes the design around the critical components of the SAP application server \n",
      "architecture and how they are made highly available.\n",
      "7.5.1 SAP central services – potential single points of failure\n",
      "In the standard central instance implementation, there are several potential single points of failu -\n",
      "res which can stop production activities. These include the database server, the global directories (shared file systems) and the SAP central services, consisting of enqueue and message server. \n",
      "The picture below shows a standard ABAP installation based on the SAP software kernel 7.0 in \n",
      "a non high-availability environment. The SAP central instance (SAP CI) runs the SAP primary application server including the SAP central services (SAP CS): message and enqueue services. The central services are unique system wide services which exist once per SAP system and there -\n",
      "fore represent single points of failure together with the database and the NFS Server. The single points of failure are marked with red cycles in the graph below. With the loss of the enqueue services, online and batch transactions will be canceled and rolled back; no transactions can be started. The consequence is downtime for SAP system until the services are restored. It is, there -\n",
      "fore, not sufficient to make the database highly available. The other sources of failures must also be addressed, as they will also negatively impact the system availability. \n",
      "In regard to the global shared directories, the test team assumes that most of the customers have \n",
      "already a HA NFS solution in place as this is a general requirement within an SAP landscape, and therefore, exclude this from the local cluster solution. The next section concentrates on the HA solution for the SAP central services. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 61Primary Application Server\n",
      "Instance with Central ServicesDVEBMGS\n",
      "- Enqueue Server\n",
      "- Message ServerSAP Router + NFS Server\n",
      "DB2 Database Server\n",
      "NFS export\n",
      "Data connectionClient connection\n",
      "Single Point of Failure (SPOF)SAP Clients\n",
      "/usr/sap/trans\n",
      "/sapmnt/\n",
      "/archive_logs\n",
      "Additional\n",
      "Application\n",
      "ServersBatch\n",
      "Server\n",
      "Figure 7.5.1.1: ABAP Central Instance including SAP central services, enqueue and message server (SAP software kernel 7.0)\n",
      "SAP stand-alone enqueue server and SAP enqueue replication server\n",
      "The SAP enqueue service maintains application logical locks in an “in-memory” buffer for speed of transaction processing. Loss of the enqueue service will result in loss of the current lock status and therefore a necessary rollback of uncommitted transactions. The system will be nonfunc-tional (resulting in system downtime) until the services have been restored. T o improve on this, SAP has developed an enqueue solution for high-availability scenarios. The solution consists of the stand-alone enqueue server (EN) and the enqueue replication server (ERS). The enqueue replication server is used to maintain an ongoing and up-to-date copy of the state of the logical locks. Clients can connect directly to stand-alone enqueue server. When the stand-alone enqueue server fails, it will be restarted by the cluster software on standby node and the enqueue replica-tion server will be stopped. The stand-alone enqueue server reads the replication table and builds up the enqueue table in memory exactly as it was earlier. The high-availability software routes the clients through the service IP to the new stand-alone enqueue server. In this way, the logical locks are maintained over a failure, and the application can continue.\n",
      "The picture below shows the enqueue replication process. The test team followed this approach \n",
      "to make the enqueue services highly available. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 62\n",
      "Standalone Enqueue Server\n",
      "Serialized\n",
      "Enqueue\n",
      "ProcessingSerialized\n",
      "Enqueue\n",
      "requests\n",
      "Serialized\n",
      "replication\n",
      "requests\n",
      "Replication\n",
      "Client\n",
      "Process\n",
      "EnqueueKeyI/O\n",
      "Thread\n",
      "Source: SAPResponse\n",
      "to Client\n",
      "blocked until\n",
      "replication\n",
      "doneReplication\n",
      "response frees\n",
      "response\n",
      "to client\n",
      "Replication\n",
      "ServerReplicated\n",
      "EnqueueServerApplication Server\n",
      "Dispatcher\n",
      "WP2 WP3 WP1\n",
      "Enq. Table\n",
      "copyEnq. Table\n",
      "Figure 7.5.1.2: Standalone enqueue server and enqueue replication server (ERS) (Source: SAP Help Portal)\n",
      "SAP central services for ABAP (ASCS instance)\n",
      "The fi  gure below shows the main SAP components and the service IP that comprises the ASCS \n",
      "cluster. The network and disk heartbeat components used here, have already been discussed in section: Network tiebreaker and disk heartbeat of chapter 7.4 and therefore can be omitted as the functioning is comparable.\n",
      "In the fi  gure 7.5.1.3, the components in darker blue are the active resources on this host. The \n",
      "areas in light blue are inactive and will be activated during failover by the cluster software.\n",
      "T o make the ASCS instance highly available, the team followed standard SAP installation pro-\n",
      "cedure and implemented the central services instance for ABAP (ASCS instance) and the central instance with the SAPinst tool on Host A. As no SAP components in Java™ were used, no SCS instance was needed.  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 63SA MP/RSCT SA MP/RSCTBackbone NetworkHost A\n",
      "ASCS Instance\n",
      "ASCS00\n",
      "ERS service\n",
      "Enqueue replication\n",
      "Central Instance\n",
      "DVEBMGS01Service IPASCS InstanceASCS00\n",
      "ERS service\n",
      "Enqueue replication\n",
      "Add. Application Server\n",
      "D01Service IPHost B\n",
      "npiv vscsiService IP\n",
      "IP Heartbeat\n",
      "Network Tiebreaker\n",
      "Enqueue Replication\n",
      "Disk\n",
      "heartbeatDisk\n",
      "heartbeat\n",
      "en1en1\n",
      "Figure 7.5.1.3: Main components of the SAP ASCS services cluster Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 647.5.2 SAP central services made highly available with Tivoli SA MP\n",
      "/sapmnt/\n",
      "/usr/sap/transSAP Router\n",
      "NFS ServerSAP ERP\n",
      "Disk\n",
      "HeartbeatFirewallFirewall\n",
      "Host ESAP Clients\n",
      "Backbone NetworkWAN Development & MaintenanceHost D\n",
      "Host CHost C Host B\n",
      "SAP CS\n",
      "ClusterHost ABackup\n",
      "AdminIP Heartbeat\n",
      "IP HeartbeatIP Tiebreaker\n",
      "NFS SAP GUI\n",
      "connections\n",
      "Enqueue Replication\n",
      "DatabaseConnections\n",
      "ASCS Instance\n",
      "ASCS00\n",
      " Service IP\n",
      "ERS service\n",
      "Enqueue replication\n",
      "Add. Application\n",
      "Server - D01- Dialog serverASCS Instance\n",
      "ASCS00\n",
      " Service IP\n",
      "ERS service\n",
      "Enqueue replication\n",
      "Central InstanceDVEBMGS01- Dialog serverWAN\n",
      "en0 en1 en0 en1 en0 en1en0 en1en0 en1\n",
      "Add. Application\n",
      "Server – D01-Batch server\n",
      "Figure 7.5.2.1: Layout – SAP central services – Tivoli SA MP cluster \n",
      "Refer to the “IBM Tivoli SA MP and IBM DB2 HADR” section in chapter 7.4 for details on the fol -\n",
      "lowing topics: Two-node scenario, network tiebreaker and disk heartbeat, network considerations, and IP \n",
      "alias. As the concepts and implementation were identical, the design criteria apply to both.\n",
      "The ASCS instance hosting the central services on host A and the ERS on host B form the SAP \n",
      "central services cluster. In addition, three application servers were installed, two of them acted as dialog servers and the third one on host C covers the batch load. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 65Mapping SAP central services components to Tivoli SA MP resources\n",
      "Figure 7.5.2.2 shows the mapping of the SAP central services components, including the IP alias, \n",
      "to Tivoli SA MP resources. All resource defi  nitions were performed with Tivoli SA MP high-availability policy for SAP .\n",
      "Host A Host B\n",
      "SAP ASCS - Resource Group:\n",
      "SAP_ABAP_SC2_ASCS00\n",
      "SAP ERS - Resource Group:\n",
      "SAP_ABAP_SC2_ASCS00REPFloating Resource:\n",
      "Enque Server, Message Server,\n",
      "SAP-Gateway, Send and Collector Daemon\n",
      "Floating Resource:\n",
      "Enque Server, Message Server,\n",
      "SAP-Gateway, Send and Collector DaemonFloating Resource:\n",
      "db2ip_10_1_1_200-rs\n",
      "ERS ERS\n",
      "Application ServerResource Group:Instance: DVEBMGS01SAP_ABAP_SC2_is03d3i_DVEBMGS01\n",
      "NIC Name: en1\n",
      "Backbone\n",
      "networkNIC Name: en1Network Equivalency Group\n",
      "en1 en1SAP_ABAP_SC2_is03d3i_DVEBMGS01_ASApplication ServerResource Group:Instance: D01SAP_ABAP_SC2_is04d3i_D01\n",
      "SAP_ABAP_SC2_is04d3i_D01_ASASCS00\n",
      "Service IP Service IPASCS00\n",
      "Figure 7.5.2.2: Mapping SAP central services components to Tivoli SA MP resources\n",
      "The ASCS instance and IP alias form one ASCS00 resource group, and are defi  ned as six fl  oating resources: stand-alone enqueue server (EN), message server (MS), SAP gateway (GW), system log send (SE), system log collector (CO), and the service IP .  A fl  oating resource can be moved between the nodes. Service IP represents the IP alias. In the case of a takeover, the service IP will be moved to the other cluster node. In addition, a second resource group with fl  oating resources for the enqueue replication server was defi  ned. The two application servers build two resources groups with fi  xed resources. Fixed resources are bound to one node.  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 66In this setup there are a number of dependencies to define the start/stop and failover behavi -\n",
      "or of the resources in a controlled manner. The SAP central services resources depend on the \n",
      "service IP resource and will be started only when the service IP is online. Without the service IP address, no other SAP process might be able to connect to the central services. And again as in the previous DB2 HADR scenario, there is DependsOn relationship between the service IP and the network equivalency, which ensure that the source (service IP) is started only when the target (NIC) is online\n",
      "If the stand-alone enqueue server or the IP resource fails, no restart is attempted. This is because \n",
      "the memory buffer is already lost and the only intact copy of the enqueue table is on the replica -\n",
      "ted server, and therefore, a failover of the whole group is triggered instead. If the message server fails, first one restart is attempted. If this restart fails, the cluster manager initiates a failover of the whole group. Only the message server, the stand-alone enqueue server and the service IP resource can trigger a failover. If any of the optional three resources fails (CO, SE, or GW) and cannot be restarted, no failover is triggered.\n",
      "Tivoli SA MP defines dependencies for the stand-alone enqueue and the enqueue replication \n",
      "server\n",
      "ABAP Network\n",
      "Equivalency\n",
      "Network Interface\n",
      "One per Cluster Node\n",
      "Network Interface\n",
      "One per Cluster Node\n",
      "ABAP\n",
      "Service IPEnqueue Server\n",
      "Message Server\n",
      "SAP Gateway\n",
      "SAP System Log\n",
      "CollectorEnqueue\n",
      "Replication Server\n",
      "Primary\n",
      "Application Server\n",
      "AdditionalApplication ServerSAP System Log\n",
      "SenderABAP SAP Central Services Group Enqueue Replication\n",
      "Server Group\n",
      "Primary Application\n",
      "Server Group\n",
      "Additional Application\n",
      "Server GroupStart After, Is Startable,\n",
      "AntiCollocated\n",
      "Collocated\n",
      "if not offline\n",
      "Start  After\n",
      "Start  AfterStart After, Is Startable,\n",
      "AntiCollocated\n",
      "Collocated\n",
      "if not offline\n",
      "Start  After\n",
      "Start  AfterDepends On\n",
      "Depends On\n",
      "Depends On\n",
      "Depends On\n",
      "Depends On\n",
      "Depends On\n",
      "Figure 7.5.2.3: ASCS Tivoli SA MP policy  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 67The stand-alone enqueue server and the enqueue replication server are distributed in the cluster \n",
      "depending on the following scenario.\n",
      "Startup scenario:\n",
      "• All resources are offline. The stand-alone enqueue server is started. During startup, \n",
      "only the Collocated/IfNotOffline relationship needs to be considered. As the enqueue replication server is currently offline, this relationship has no impact. The stand-alone enqueue server will be started in the order of the nodes listed in NodeNameList.\n",
      "• Now the enqueue replication server is started. The relationships of the ERS to the EN lead to the following behavior:\n",
      " –ERS p AntiCollocated p EN: The ERS is always started on a different node than the EN.\n",
      " –ERS p StartAfter p EN: The ERS is started after the EN has become online.\n",
      " –ERS p IsStartable p EN: The ERS is only started on a node whe-re the EN potentially can be started.\n",
      "Both EN and the ERS are now online on different nodes.\n",
      "Failure scenario:\n",
      "In a failure scenario where the stand-alone enqueue server fails, the relationships lead to a diffe -\n",
      "rent sequence of events, as the stand-alone enqueue server is not online as expected.\n",
      "• The stand-alone enqueue server is now offline due to the failure. The stand-alone enqueue server is restarted. During startup, only the Collocated or IfNotOffline rela -\n",
      "tionship needs to be considered. As the enqueue replication server is now online, this relationship starts the EN on the node where the ERS is already running. All other resources of the central services group are started on the same node where the ERS runs. After the EN has replicated the data, the ERS terminates.\n",
      "• Now the enqueue replication server is restarted on a different node. The relationship of the ERS to the EN leads to the following behavior:\n",
      " –ERS p AntiCollocated p EN: The EN and the ERS are running on different nodes Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 687.6\t SAP\tliveCache\twith\tHotStandby\tdesign\tand\trequirements\n",
      "The following information over the implementation of SAP MaxDB with HotStandby is thanks \n",
      "to the SAP Labs in Berlin where SAP MaxDB and SAP liveCache are developed. A few com -\n",
      "ments are added to connect the general design for SAP MaxDB with HotStandby to implemen -\n",
      "tation done for SAP liveCache on IBM System Storage. The focus in this document is on SAP liveCache with HotStandby as a component of SAP Advanced Planning & Optimization.\n",
      "7.6.1 SAP MaxDB/SAP liveCache with HotStandby\n",
      "A hot standby differs from a conventional failover HA solution in several ways. In a HotStandby solution, both databases are running in parallel in an active / passive partnership. The standby is maintained in a continuous restart state which allows it to maintain synchronization with the production database. This is done by reapplying log records from transactions to the standby  database. The STANDBY status of the database, between ADMIN and ONLINE makes it pos -\n",
      "sible for the standby to switch to active mode in a very short time, and maintain data consistency \n",
      "by completing all transactions.  \n",
      "The design of the liveCache HotStandby relies on the functionality of the storage subsystem. \n",
      "The requirements are the ability to generate a full stand-alone read-write split mirror of the  \n",
      "SAP liveCache data and concurrent access by both active and standby server to the database log volumes.  \n",
      "The concurrent log volumes are written by the active SAP liveCache, and read by the  standby. \n",
      "This is the mechanism for insuring that all data is synchronized in the standby. There is an \n",
      " ongoing communication between the active and standby SAP liveCache to keep the standby \n",
      "informed of the most current log record and log volume position. \n",
      "In the case of a failure of the active SAP liveCache, the standby commits any outstanding tran -\n",
      "sactions in the log, takes control of the log (switches to write mode) and becomes the active SAP \n",
      "liveCache. The SAP liveCache database instances are peers and provide rotating standby. When the failed primary server is reactivated, it will become the standby. \n",
      "SAP liveCache with HotStandby relies on the operating system to provide a cluster solution \n",
      "to detect the failure of the active SAP liveCache, switch the standby server to active status, and initiate the transfer of the SAP liveCache IP service address from the failed server to the server assuming active status.\n",
      "With HotStandby, the time needed for starting the database instance and building the memory \n",
      "structures is saved. This is important in the case of SAP liveCache due to the very large memory structures which must be initialized while starting. Additionally, the time needed for restoring log information is reduced to nearly nothing. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 69liveCache liveCacheliveCache liveCache\n",
      "StorageSystemCluster DataAfter\n",
      "ImagesPrimary Backup\n",
      "continous\n",
      "RESTARTIP SWITCHRECONNECTApplication\n",
      "Archive\n",
      "LogData Data\n",
      "Figure 7.6.1.1: Overview of SAP liveCache HotStandby provided by SAP\n",
      "Basis of SAP MaxDB with HotStandby\n",
      "The solution, as supported in this HotStandby implementation, consists of two physically sepa-rate database servers with physically shared storage. The cluster instance on the failover system is used to detect a situation necessitating failover and to perform the operations needed to redirect client connections (IP Alias takeover). The SAP MaxDB with HotStandby implementation is based on two or more separate database servers (the IBM solution documented here supports a cluster pair) that access a single storage system. The data-volumes for each database are separate and the log volume is shared. Each database server must have its own unique network address.\n",
      "Between master and standby instances, a synchronization channel is established which is only \n",
      "needed to transfer synchronization information (such as the last write position in the log volume) but not for data transfer. The bandwidth for this link can be quite small.\n",
      "The LOG and DATA volumes have special requirements:\n",
      "• The access type to the LOG volumes is read-write to the master, and read-only to the \n",
      "standby server. Access is concurrent. The IBM solution does not restrict the standby server to read-only but relies on the logic of the takeover to ensure that only one in-stance is actively writing to the log volume.\n",
      "• Fast mirror of DATA volumes (so called split mirror or snapshot), that allows the standby server DATA volumes to be established using the current image of the master server DATA volumes and vice versa (if master/standby roles are switched). The IBM solution presented here uses the FlashCopy functionality of the IBM storage servers to generate the split mirror.\n",
      "• After a mirror of the DATA volumes is established, separation must be possible which will allow both the master and the standby servers to mount their DATA volumes for read/write. The IBM FlashCopy functionality establishes a logical copy within seconds, which can then be used as a completely stand-alone and totally consistent copy. The actual physical coping of data blocks continues in background while the new copy is already read/write capable.\n",
      " Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 70The SAP MaxDB runtime is extended by the API functions to allow mirror establishing, mirror \n",
      "separation, and read-only/read-write switching. These routines have a separate layer that abs -\n",
      "tracts the used storage system (RETHSS_API). This API is the basis of the shared library integ -\n",
      "ration of SAP liveCache with IBM System Storage.\n",
      "The SAP application programming interface (API) allows storage solution providers to integrate \n",
      "their storage functionality with the HotStandby control mechanisms of the SAP liveCache. This API exports the SAP liveCache logic that is then mapped to the functionality of the target sto -\n",
      "rage server which fulfills the necessary requirements. The end result of this API integration is a shared library which is then made available to SAP liveCache and enables the HotStandby.\n",
      "Configuration for HotStandby\n",
      "The configuration parameters are shared between all HotStandby database servers. They consist of the normal set of parameters for SAP MaxDB databases and some extended parameters for the HotStandby solution. The parameters of SAP liveCache database instances are read only once during startup. This means that the configuration file cannot be dynamically modified. How ever, \n",
      "HotStandby nodes can be added if the master is running. The default master (by convention HS_NODE_001) and the official node name used by all clients are added.\n",
      "OFFICIAL_NODE  Official node name used for client access to master node  \n",
      "    – recommended the host name used for the service IP alias.\n",
      "HS_STORAGE_DLL The name of the storage access library which implements \n",
      "    the HSS_API.\n",
      "HotStandbySyncInterval  Defines how often the master sends synchronization information \n",
      "    to the standby, instructing the standby to continue with log recovery. \n",
      "    The default value is 50 seconds.\n",
      "All other parameters are common, especially the volume names and sizes, the logical name of the \n",
      "database instance, and the cache size.\n",
      "Each instance will use the OFFICIAL_NODE for storing the official hostname in the SAP \n",
      "MaxDB system tables. The official hostname is shared over all instances. The matching local HS_NODE_NNN will be searched by using the output of uname –n on UNIX® systems. The SAP MaxDB runtime has an additional routine that allows the SAP MaxDB kernel to identify itself. This local node name must be a valid network name as it is used by the master instance to establish the synchronization channel to the standby instance.\n",
      "The OFFICIAL_NODE must not match any of the HS_NODE_NNN entries (this is the IP \n",
      "Alias used for the service address and therefore cannot be bound to a node).\n",
      "Each HS_NODE_NNN must be unique and assigned to a separate machine (in this solution, \n",
      "there is a single standby server  and so there are three IP addresses: the master, the standby, and the IP Alias). Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 71Example taken from kernel output on the HotStandby cluster:\n",
      "HotStandbyNodeName001=IS03D11HotStandbyNodeName002=IS04D11 HotStandbyStorageDLLPath=libHSSibm2145 HotStandbySyncInterval=50 HS_NODE_001=IS03D11 HS_STORAGE_DLL=libHSSibm2145 HS_SYNC_INTERVAL=50 OFFICIAL_NODE=LCHLCIP\n",
      "The names with uppercase letters are old parameter names used prior version 7.7. The old names\n",
      "can still be used for compatibility reasons.\n",
      " HS_NODE_00n = HotStandbyNodeName00n\n",
      " HS_STORAGE_DLL = HotStandbyStorageDLLPath HS_SYNC_INTERVAL = HotStandbySyncInterval\n",
      "Below are some of the commands that can be used at DBMCLI level to defi  ne the HotStandby.\n",
      "The SAP GUI database manager tool can be used to implement the HotStandby setup directly aswell.\n",
      "Figure7.6.1.2: HotStandby Commands\n",
      "See chapter 9.1 „Related documents and sources of further information” for more detailson Hot Standby commands. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 727.6.2 Supported SAP liveCache and SAP SCM versions\n",
      "HotStandby support for SAP MaxDB/SAP liveCache began with version 7.5. Information on \n",
      "SAP liveCache versions belonging to certain SAP SCM versions can be found at  \n",
      "https://service.sap.com/pam.\n",
      " SCM 4.0 p SAP liveCache 7.5 SCM 4.1 p SAP liveCache 7.5     \n",
      " SCM 5.0 p SAP liveCache 7.6 SCM 5.1 p SAP liveCache 7.7\n",
      " SCM 7.0 p SAP liveCache 7.7\n",
      "7.6.3 SAP liveCache and SAP APO transaction LC10\n",
      "The position of SAP liveCache in an SAP SCM system, rather than as a SAP MaxDB database \n",
      "introduces some additional complexity for the failover cluster solution. liveCache is controlled from the SAP APO transaction LC10.\n",
      "From this transaction it is started, stopped, and initialized. These activities also trigger reports in the SAP APO system which release temporary locks in the SAP liveCache and perform other cleanup/syn -\n",
      "chronization activities. It is therefore not recommended to start a SAP liveCache instance from the  cluster without knowing the status it is expected to be in from the view of application. The cluster is \n",
      " required to maintain some knowledge of the application status – whether it is in status started or stopped.\n",
      "SAP APO does provide a type of user exit or hook in the routine which starts and stops SAP \n",
      "liveCache. The trigger is the existence of the script, lccluster. If this script is available, informa-tion on the action being executed by SAP APO is passed to the cluster through execution of this script. If no script exists, then the cluster is not informed.\n",
      "The lccluster script is expected in the dependent program path. As of SAP liveCache 7.5 and \n",
      " higher, this is called the installation path. So the SAP APO administration mechanism control -\n",
      "ling SAP liveCache searches and uses the following script:\n",
      " <InstallationPath>/sap/lccluster\n",
      "If the script is not found at this location, it is assumed that this is not a HotStandby and no linka -\n",
      "ge is made with the cluster support.SAP recommends using the installation path /sapdb/<SID>/db. Normally, if you install SAP \n",
      "MaxDB with SAP tools, this will be the default path set during the installation process.\n",
      "7.6.4 Overview of the solution and support\n",
      "The implementation of HotStandby supported by IBM System Storage is based on IBM flash copy functionality. Full FlashCopy with FC consistency groups is used to generate the consistent split mirror of multiple volumes. The initiation of a FlashCopy mirror creates a logical FlashCo -\n",
      "py within seconds, which is independent and can be used in read/write mode. The actual copy of the data takes place in the background. The freshly initiated copy can be seen as something simi -\n",
      "lar to a paging space – pages that are being accessed are made available immediately and updates are done directly to the new copy.  As a result, the HotStandby can be activated in seconds. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 73The actual full data copy will complete later, and the duration for this can be in minutes or hours \n",
      "depending on the server type, the speed set for the copy, the amount of data, and the layout of the data on the logical disks (whether serial or parallel FlashCopy paths are used). This activity is asynchronous and transparent to the new HotStandby.\n",
      "If the standby has been offl  ine for some time and the copy of its data is no longer compatible \n",
      "with the current online log, the SAP liveCache will reinitiate the FlashCopy and refresh the standby servers’ data.\n",
      "SAP l iveCache\n",
      "PrimarySAP l iveCache\n",
      "HotStandby\n",
      "Integration SAP LC to IBM \n",
      "storage: PowerHAsharedlib\n",
      "LC HotStandb ySolution basedon storagelevel\n",
      "librariesand controlledbyclusterSAP live\n",
      "Cache Log\n",
      "SAP\n",
      "liveCache SSAP\n",
      "liveCache P\n",
      "Rotatingrecoveryvia \n",
      "FlashCopyCluster ManagedRotatingIP Service Address\n",
      "Figure 7.6.4.1: Overview of HotStandby with FlashCopy\n",
      "In the case of a failure, where the standby has become primary, it will reverse the FlashCopy direction to bring the failed ex-primary back online as standby as soon as it becomes available. So the FC can fl  ow in both the directions. A standby going online will check the state of its data and if the data is stale, will request a new FlashCopy. This FlashCopy will take place between disk pairs that are currently accessible and being accessed from both the servers. The standby will have its volumes open to check for data consistency. The log will need to access the data to check its status, and the primary will be accessing its copy of the data as it is operationally online. For this reason, the data disks are raw disks, or raw logical volumes (without fi  le systems).The concurrently active log is also a raw device as this is being written by one server and read by the other simultaneously.\n",
      "The shared library must be installed in the search path as indicated in fi  gure 7.6.5.1 to make it \n",
      "available to SAP liveCache. The other paths are default installation paths that are documented here for reference. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 747.6.5  liveCache HotStandby with IBM Storage\n",
      "The integration of SAP liveCache with the IBM storage servers supports the IBM System Sto -\n",
      "rage DS8000, IBM Storewize V7000, and the SAN Volume Controller. The SAN Volume Con-\n",
      "troller is a storage virtualization solution, such that below the SAN Volume Controller level, any SAN storage can be used. \n",
      "Figure 7.6.5.1 shows the components of the solution. The libHSS<type> is the actual shared lib -\n",
      "rary which IBM developed for the API provided by SAP . This library will be available as a feature \n",
      "of IBM AIX PowerHA, which also provides the necessary cluster management. The solution package includes storage connectors which are scripts that interface the library to the specific storage server API.\n",
      "SAP li veCach e\n",
      "libHSS SAP API     \n",
      "IBM s torage library\n",
      "Storage C onnectors\n",
      "OS access to storag eliveCache Database Server\n",
      "SAP/IBM shared library\n",
      "<Independent_program_path>/lib/lib64/libHSSibm<type>so \n",
      "(Example: <Type> = 2145 = SVC  )\n",
      "IBM storage conn ector sc rips and conf iguration file\n",
      "Scripts: /opt/ibm/ibmsap/connectors/H SS<type>\n",
      "Config:/opt/ibm/ibmsap/<LC SI D>/RTEHSS_config.txt\n",
      "Storage depenentaccess to sto rage API \n",
      "Exampl e: SVC v ia secure shell\n",
      "Storage Ser ver \n",
      "FunctionalityStorage  Server Fun ction ality via APISAP\n",
      "SAP/IBM \n",
      "Integra tion\n",
      "IBM\n",
      "Figure 7.6.5.1: Overview of solution components\n",
      "The shared library must be installed in the search path as indicated in figure 7.6.5.1 to make it available to SAP liveCache. The other paths are default installation paths that are documented here for reference.\n",
      "7.6.6  The solution on virtualization\n",
      "HotStandby can be implemented using directly attached storage, as well as through virtualiza -\n",
      "tion in PowerVM. The VIOS provides a virtualization layer for the I/O hardware, allowing the LPARs to share the adapters and I/O paths. This is described in detail in section 7.2. The major benefit for the HA implementation is that redundant I/O paths can be created inexpensively as the components are shared by all the LPARs. Virtual I/O is also a prerequisite for LPM (Live partition mobility) which extends the availability options of the solution. An LPAR can be moved from one machine to another to allow for planned maintenance without disruption to the appli -\n",
      "cation. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 75liveCache liveCache liveCache liveCache liveCache liveCache liveCache liveCache\n",
      "RESTARTcontinousCluster DataAfter\n",
      "ImagesPrimary BackupIP SWITCHRECONNECT\n",
      "StorageSystemCluster DataAfter\n",
      "ImagesPrimary Backup\n",
      "continous\n",
      "RESTARTIP SWITCHRECONNECTApplication Application\n",
      "Archive\n",
      "LogData Data\n",
      "SVC Storage VirtualizationPowerVMVIOS\n",
      "Storage Server  LUNs  \n",
      "Figure 7.6.6.1: Implementation of virtualization layers\n",
      "The diagrams in fi  gure 7.6.6.1 show the original design with directly-attached storage and map \n",
      "this to virtualization. In the proof of concept, two levels of virtualization were used in order to ensure that the most-fl  exible solution was also feasible. In this case, virtual I/O functionality of the server (VIOS) provides the virtualization of the server I/O paths, and the SAN Volume Cont-roller provides the virtualization of the storage. \n",
      "The integration solution depends on the library being able to issue storage function calls to the \n",
      "storage server through the storage API. The connectors do this, and in order to do this, there must be a network connectivity between the LPARs on which the HotStandby solution is run-ning, and the storage server for FlashCopy services. In the example in fi  gure 7.6.6.1 (right), com-munication paths must exist between the SAN Volume Controller, which provides the FlashCopy services for downstream devices, and the SAP liveCache LPARs. The access is through secure shell communication and is described in section 7.7.9 ”SSH authorization from HotStandby to SAN Volume Controller”.\n",
      "The SAN Volume Controller also provides the wherewithal to mirror the mission-critical data \n",
      "across storage servers. With mirrored storage, the application can survive the loss of a complete storage server without interruption.\n",
      " Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 76SAP l iveCache\n",
      "PrimarySAP l iveCache\n",
      "StandbySAP A PO AppServers\n",
      "SAP\n",
      "liveCache P\n",
      "SAP\n",
      "liveCache PSAP\n",
      "liveCache PSAP\n",
      "liveCache S\n",
      "SAP\n",
      "liveCache S\n",
      "SAP\n",
      "liveCache SSAP live\n",
      "Cache Log\n",
      "SAP live\n",
      "Cache LogSAP live\n",
      "Cache LogSVC\n",
      "Any SA N 2 Any SA N 1PowerHACluster\n",
      "FC Pair\n",
      "Figure 7.6.6.2: SAP liveCache with HotStandby with SVC mirrored storage\n",
      "This is a signifi  cant benefi  t for mission critical systems. The fl  exibility of the virtualization layer \n",
      "in the SVC also makes it easy to provide a non interruptive storage system migration. The volu-mes can be moved from one storage pool to another (from one physical server to another) wit-hout breaking the FlashCopy relationship or disturbing the cluster solution. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 777.7\t Design\tof\tthe\tPowerHA\tCluster\tfor\tSAP\tliveCache\tHotStandby\n",
      "This example shows the design for PowerHA version 7.1. This design will be revisited for any \n",
      "changes coming from the PowerHA version offering SmartAssist support for the HotStandby solution.\n",
      "Back\n",
      "Boneen1WAN\n",
      "Client\n",
      "en0SAP Rout er\n",
      "NFS serversapgu\n",
      "NFS FS\n",
      "/sapmnt/<SID>\n",
      "/usr/sap/trans\n",
      "/archivelogsFCA  (virt.)\n",
      "WAN\n",
      "Development & \n",
      "Main tenanceHACMP 7.1\n",
      "Broadcast HBi\n",
      "Back\n",
      "BoneNFS Broadcast HBSAP li veCache\n",
      "Log Synch\n",
      "Communication\n",
      "NFS     NFS server\n",
      "Sapu i via saprouter\n",
      "SAP liveCacheService IP Alias\n",
      "Concurrent I/ONFS server\n",
      "TSM server\n",
      "Broadcast HBBroadcast HB\n",
      "Concurrent I/O\n",
      "PrimaryHost A\n",
      "FC connectivity (virt.)ETH connectivity (virt.)en0\n",
      "Host B\n",
      "FC connectivity (virt.)\n",
      "ETH connectivity (virt.)\n",
      "en1\n",
      "StandbyHACMP HACMP\n",
      "SAP\n",
      "liveCacheSAP\n",
      "liveCache\n",
      "SAP live Cache\n",
      "SAP live Cache SAP live CacheLog\n",
      "CAA\n",
      "RepositoryNPIV*1/sapdb /sapdb\n",
      "*1 –access  path must be identical on \n",
      "both  sides –either both  NPIV or both  \n",
      "vSCSI\n",
      "Figure 7.7.1: Overview of proof of concept cluster implementation.\n",
      "PowerHA 7.1 differences:\n",
      "• Move from heat-beat disk to combined repository and heart-beat functionality.\n",
      "• Move from persistent boot addresses to the user of multicast I/O for heart-beatbroadcast. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 78Definition of infrastructure and service in SAP liveCache cluster design\n",
      "The PowerHA design for SAP liveCache separates the application as a service under control of \n",
      "the corresponding SAP APO and the required infrastructure as seen from PowerHA. The inf -\n",
      "rastructure consists of the resources combined into the resource groups which need to be made available as pre-requisites for SAP APO to be able to start the SAP liveCache as a service. The SAP liveCache as a service is started and stopped by SAP APO. The reason for this differentiati -\n",
      "on is the need for SAP APO to administer the SAP liveCache and keep synchronization between SAP APO and SAP liveCache.\n",
      "• Infrastructure: Refers to the resources brought online by starting the cluster in preparation for SAP APO to start the service. It includes volume groups, service IP , application monitors and x_server.\n",
      "• Service: Refers to the online SAP liveCache service as an active database, whether the SAP liveCache is online or offline according to the actions taken by the SAP APO adminis -\n",
      "trator.\n",
      "This separation of power results in the following two categories of control:\n",
      "• Administrative cluster tasks such as starting, stopping, and moving the service provided by SAP liveCache and its required infrastructure.\n",
      "• Failures of SAP liveCache as a service and/or failure of the server nodes that result in the automatic recovery provided through the implemented cluster.\n",
      "High-availability considerations for network and storage related components are covered by the infrastructure design. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 79Cluster design – PowerHA\n",
      "Figure 7.7.2 shows the PowerHA resource groups used to support the SAP liveCache cluster \n",
      "design. The configuration consists of three resource groups.\n",
      "• RG_LC – this resource group is online on both nodes and contains the shared SAP liveCache log volume group. It must be brought online by PowerHA as it relies on the cluster functionality for concurrent access. Note: The data volumes are brought online on each node automatically at OS level as they require no special treatment.\n",
      "• RG_LC_MASTER – this resource group consists of the IP-Alias used as the service address for SAP liveCache and the master application monitor. This resource group is only active on one of the nodes at any time.\n",
      "• RG_LC_SLAVE – this resource group consists of the slave application monitor. It is only active on one node at any time different to the RG_LC_MASTER. \n",
      "The primary server is represented by the resource group, RG_LC_MASTER. This resource group is active on one node or the other – never on both. It contains the IP alias used by the ap -\n",
      "plication to access SAP liveCache. The IP- alias and the master monitor are rotating resources. \n",
      "Both the standby (slave) and the master have application monitors. The monitors have different \n",
      "actions depending on the role of the application that they are monitoring. The master monitor attempts to keep the SAP liveCache in the ONLINE status, whereas the slave monitor tries to maintain an instance in the standby mode if a start request from SAP APO allowed the service to be started.\n",
      "LC IP-ALIASMaster MonitorStatus: rg_lc_master online\n",
      "Status: rg_lc onlineRaw\n",
      "Logvg\n",
      "Host ASlave MonitorStatus: rg_lc_slave online\n",
      "Host BStatus: rg_lc onlineRaw\n",
      "Logvg\n",
      "Fig 7.7.2: Overview of the PowerHA resource groups Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 80In general, during a takeover, the slave monitor on the standby side is replaced with the master \n",
      "monitor and the IP alias resource is moved to the node assuming the master mode. Action is then triggered to change the SAP liveCache instance status from STANDBY to ONLINE while both the resource groups are tried to be kept in the cluster related state ONLINE.\n",
      "View of resource groups in an active clusterThe clRGinfo command displays the status of the resource group infrastructure. This does \n",
      "not mean that the SAP liveCache service is online as this depends on the SAP APO application status. The cluster differentiates between the starting of the cluster, and the starting of the SAP liveCache service. The active cluster and the online resource groups are the prerequisite for star-ting the SAP liveCache service.\n",
      " # clRGinfo\n",
      " ------------------------------------------------ Group name  Group state Node ------------------------------------------------ rg_lc_hlc  ONLINE is03d11    ONLINE is04d11\n",
      " rg_lc_hlc_master ONLINE is03d11\n",
      "    OFFLINE is04d11\n",
      " rg_lc_hlc_slave ONLINE is04d11\n",
      "    OFFLINE is03d11\n",
      "NFS shared repository for status information\n",
      "Host A Host Bnode A node B\n",
      "shared\n",
      "(log volume(s))Loca l \n",
      "(rootvg)Loca l \n",
      "(sapdbv g)Loca l \n",
      "(rootvg)Loca l \n",
      "(sapdbv g)\n",
      "FlashCopy\n",
      "(data volume(s))FlashCopy\n",
      "(data volume(s))NFS shared \n",
      "lock directoryHA NFS server\n",
      "Figure 7.7.3: Overview of the storage components Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 81The implementation design also requires a reliable NFS location for control information which \n",
      "influences the behavior of the cluster. The location of this lock directory is one of the configu -\n",
      "ration parameters in the cluster configuration file. The shared lock directory is used for both synchronization between the cluster and SAP APO, and the synchronization of the application monitors within the cluster.\n",
      "SAP liveCache service\n",
      "The responsibility for the status of the SAP liveCache database service is with the application. SAP liveCache is a component of SAP APO and integrated into the transaction LC10. From this transaction, the status of SAP liveCache is controlled. It is started, stopped, and initialized. These actions can lead to synchronization actions within the SAP APO application itself which are important for data consistency. For this reason, the cluster does not have the logical authority \n",
      "to start and stop SAP liveCache as a service according to the state of the cluster. The cluster must \n",
      "retain knowledge of the status of SAP liveCache as set by the application and manage the cluster \n",
      "activities accordingly. \n",
      "SAP APO provides a hook in the path from LC10 to SAP liveCache that can be used to provide \n",
      "information on the ongoing action to the cluster. This is implemented through the presence of the script, lccluster.\n",
      "LC IP-Alias\n",
      "Status: rg_lc_master online\n",
      "Status: rg_lc onlinelcclusterLC10\n",
      "lccluster\n",
      "Master Monitor\n",
      "Status: rg_lc_slave online\n",
      "Status: rg_lc onlineSlave MonitorLC10: \n",
      "StatusSAP APO\n",
      "LC IP-Alias\n",
      "Status: rg_lc_master online\n",
      "Status: rg_lc onlinelcclusterLC10\n",
      "Primarylccluster\n",
      "StandbyMaster Monitor\n",
      "Status: rg_lc_slave online\n",
      "Status: rg_lc onlineSlave MonitorLC10: \n",
      "Status\n",
      "Figure 7.7.4: SAP APO control of SAP liveCache service\n",
      "The PowerHA cluster uses this script hook to receive and maintain status information on the sta -\n",
      "tus expected by the application. When the cluster is started, this information is consulted (yellow line) and depending on the expected status, the monitors are set to active, passive, or deactivate and the SAP liveCache is brought online or not, according to the status of the last SAP APO request. The SAP APO request status is maintained in an NFS file shared by both the nodes and need to be high available. It is referred to as the lock directory later. The read/write access to this data is indicated by the yellow path. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 82Overview of implementation scripts\n",
      "This section is provided for an understanding of the logic behind the cluster scripts. These scripts are provided by the solution and no customizing is required, beyond that done for the instance profile which is described in the implementation section. \n",
      "Figure 7.7.5 shows the logic used by the cluster to ensure obedience to the applications  \n",
      "expectation.\n",
      "starting stopping\n",
      "LC10 starts\n",
      "primaryLC \n",
      "DBrequest\n",
      "Error or\n",
      "Undefined\n",
      "status\n",
      "ok\n",
      "okLC10 stops\n",
      "primaryLC \n",
      "DB\n",
      "Action performedon ok:\n",
      "WriteLC10.start, thendeleteLC10.stop\n",
      "Activatehot standbyon remotenodeusing\n",
      "functionin LCutil: lc_st art_slave_remoteAction performedon ok:\n",
      "Stop slaveresourcegroupon remotenode. Action performed on error:\n",
      "Write error log message.\n",
      "Do nothing elseLC10\n",
      "exit0\n",
      "exit0exit1 Action performedon req:\n",
      "-Action performedon req:\n",
      "WriteLC10.stop, thendeleteLC10.start\n",
      "Figure 7.7.5 SAP APO to cluster control flow\n",
      "The lccluster script is called by the SAP APO application one time at the beginning of an action, indicating what the intention or the request is, and again after the action, indicating the result. The cluster reacts only to the request or intent, and enters either the silent – not active – or acti -\n",
      "ve monitoring status. The lock directory can be empty what is treated as a stop or contains either LC10.stop or LC10.start message.\n",
      "In case of a start request, SAP APO starts the master itself and the cluster arms the master run -\n",
      "time monitor. If the first attempt to bring SAP liveCache online fails the application runtime \n",
      "monitor will take over. The application monitor will drive the activities of the cluster to activate a primary SAP liveCache either on the current node or invoke a failover. Finally, the standby instance is started as well by the lccluster script. This instance will be monitored thereafter by the standby runtime monitor. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 837.7.1 Starting the SAP liveCache Cluster under SAP APO control\n",
      "The diagrams in this section show the logic used by the cluster to start the SAP liveCache service \n",
      "for the master and the standby instance. T o fulfill special needs of the SAP liveCache application, the logic needs to maintain state of the SAP liveCache as set by the SAP APO application to determine whether the service should be started or not. For the master’s monitors, a special logic was implemented which also maintains both application and monitor states. The monitor status and the application status are maintained in the lock directory. The location of the lock directory is configured in the central configuration file which is introduced in section 7.7.6. The monitor states are described in the next section. This section focuses on the application state.\n",
      "If the cluster is being restarted, the administrator may need to reset the lock status to achieve the \n",
      "action that is wanted. The cluster will start the SAP liveCache service depending on the status of the LC10 information it finds in the lock directory. The LC10 status can be either LC10.start or LC10.stop. The MONITOR state is expected to be maintained entirely by the monitor logic and cleaned up during cluster start, so no monitor data will normally be present after the startup. The SAP APO LC10 status, on the other hand, is the result of the last application request. If the -\n",
      "re is no LC10 status information, the application assumes no start request from the application has been received and will not start the SAP liveCache database instance. The SAP liveCache database instance is only started if the LC10 status is LC10.start.\n",
      "Cluster control hook for the APO:\n",
      "The script lccluster is used to give APO full control of starting/stopping liveCache. It is activated both starting and stopping liveCache and carries out the following logical sequences according to activity.\n",
      "Startup Sequence\n",
      "Step 1 request:\n",
      "In the picture the box for request the cluster to get prepared – marked with req) – is called, but no action is required. After the script has returned APO will start the MAS -\n",
      "TER instance. APO itself is not aware of the cluster and also not aware of an existing SLAVE. Therefore the lccluster script needs to give order to the cluster to handle the rest.\n",
      "Step 2 liveCache start completed successfully:\n",
      "Now the earlier mentioned lock LC10.start is set to activate the PowerHA application monitors and the standby is started.\n",
      "Stopping SequenceStep 1 request:\n",
      "On request lccluster deactivates the PowerHA application monitors by changing the lock information to LC10.stop. After the script has returned APO will stop the MASTER instance.\n",
      "Step 2 liveChache stop successfully: As a cleanup task the lccluster will stop the standby instance and then exit. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 84In order to enable the lccluster script for a specific instance for liveCache The SID and the direc -\n",
      "tory where the PowerHA start/stop scripts have been placed needs to be edited inside the lcclus -\n",
      "ter script:\n",
      " ##Configure\n",
      " typeset SID=“HL2“      # edit!\n",
      " typeset SAPHA_SCRIPT_DIR=“/usr/es/sbin/cluster/sap“ # edit!\n",
      "starting stopping\n",
      "LC10 starts \n",
      "primary LC \n",
      "DBrequest\n",
      "Error or \n",
      "Undefined \n",
      "status\n",
      "ok\n",
      "okLC10 stops \n",
      "primary LC \n",
      "DBstarting stopping\n",
      "LC10 starts \n",
      "primary LC \n",
      "DBrequest\n",
      "Error or \n",
      "Undefined \n",
      "status\n",
      "ok\n",
      "okLC10 stops \n",
      "primary LC \n",
      "DBAction performed on req:\n",
      "-Action performed on req:\n",
      "Write LC10.stop, then delete LC10.start\n",
      "Action performed on ok:\n",
      "Write LC10.start, then delete LC10.stop\n",
      "Activate hot standby on remote node using \n",
      "function in LCutil: lc_start_slave_remoteAction performed on ok:\n",
      "Stop slave resource group on remote node. Action performed on error:\n",
      "Write error log message.\n",
      "Do nothing elseexit 0exit 1 Action performed on req:\n",
      "-Action performed on req:\n",
      "Write LC10.stop, then delete LC10.start\n",
      "Action performed on ok:\n",
      "Write LC10.start, then delete LC10.stop\n",
      "Activate hot standby on remote node using \n",
      "function in LCutil: lc_start_slave_remoteAction performed on ok:\n",
      "Stop slave resource group on remote node. Action performed on error:\n",
      "Write error log message.\n",
      "Do nothing elseexit 0exit 1LC10LC10\n",
      "exit 0exit 0\n",
      "Figure 7.7.1.1 Logic of the lccluster script\n",
      "T o make the script cl_lc_start generic, two parameters are passed to the scripts which indicate the role and what behavior is expected: MASTER or SLAVE followed by the SID.The two logic flows – master and slave – of the script are executed when the cluster is started as part of the resource group initialization and later they are also used during a recovery or a move.\n",
      "The first action for both instances is to verify that the x_server (the SAP liveCache listener) is \n",
      "started. Without the x_server, it is not possible to communication with SAP liveCache.The application status, set by SAP APO, is then consulted to determine whether the cluster has or does not have the authority to start the service. This status is maintained by the cluster and referenced to determine what action it should take as the result of a cluster restart, or a cluster failover. If the status does not exist, the start script assumes that no application direction has been given by SAP APO and the service will not be started. The lock information will be initialized to LC10.stop. The script will prepare the cluster for a SAP liveCache startup request that will be expected to come later from the SAP APO administrator, via transaction LC10. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 857.7.2 Starting sequences of master\n",
      "cl_lc_start MASTER <SID> \n",
      " \n",
      "„Lock Directory / \n",
      "LC10.start \n",
      "exist Write LC10.stop if not written \n",
      "start vserver process  \n",
      "Exit 0 \n",
      "/lib/LCutil.lc_start_master \n",
      "starts the master DB accordingly to the returncode of „db_state\n",
      " \n",
      "Exit 0 write $LOCKFILE_DIR/MONIT OR.run success Start vserver process on all online nodes. Adjust MONIT OR.* lock information accordingly \n",
      "to RC_FOR_F AILED_MASTER_db_online  \n",
      "exit RC_FOR_F AILED_MASTER_db_online  OFFLINE)         bring database online if it fails return with ERROR to          make cl_lc_start exit accordingly to the customer  \n",
      "        configured variable RC_FOR_F AILED_MASTER_db_online \n",
      "        (default is exit 0 to always continue cluster processing) \n",
      "        sleep to give the database some time to startup and  \n",
      "        indicate a successfull start \n",
      "  STANDBY) \n",
      "       activate the standby database if it fails return with         ERROR to make cl_lc_start exit 1 \n",
      "       sleep to give the database some time to startup and  \n",
      "       indicate a successfull start \n",
      "   ONLINE)         check if Slave is running and synchronized on remote node (3 cases) \n",
      "        a) the SLA VE is running on remote host and connected to a master  \n",
      "             then nothing has to be changed and the cl_lc_start continues \n",
      "        b) the SLA VE is running on remote host and NOT  connected to a master  \n",
      "             start slave to connect it to the master and the cl_lc_start continues         c) NO SLA VE is running on remote host  \n",
      "              cl_lc_start will continue without a standby instance \n",
      "  not OFFLINE, ST ANDBY , ONLINE) \n",
      "     in case of an undefined start state an error is indicated to the startscript  \n",
      "     resulting in exit 1 Start local vserver calling \n",
      "lib/LCutil/lc_start_verver \n",
      "Figure 7.7.2.1 Flow logic for master instance startup\n",
      "The cluster start script is executed once for either a startup or a failover to activate the SAP \n",
      "liveCache master. If the initial startup of the master SAP liveCache fails on the current node, the-re are two possible actions – attempt a failover if the second node is active or stop with error. The choice of behavior is confi  gurable in the central confi  guration fi  le (RC_FOR_FAILED_MAS-TER_db_online). In some cases the customer might prefer to stop the cluster initialization and investigate the problem on the master server, in other cases the customer may wish the stand-by to takeover so that the application can come online while the failure on the master is being investigated. The consideration is that this recovery approach can lead to a ping-pong failover if neither of the servers can successfully start the master SAP liveCache. The default is set to con-tinue to try to bring the master online by means of a failover as long as there is a second server available.\n",
      "If the master is successfully started, the cluster looks at the status of the standby node and att-\n",
      "empts to start the standby. A standby SAP liveCache must be started via the master instance to start the ongoing synchronization communication between master and standby.  In case the master was not started successfully the default action is to update the monitor state information and return with success – this in essence completes the startup and does a handover to the runtime monitor. The application runtime monitor is activated every few seconds (confi  -gurable in PowerHA) so that after few seconds the application runtime monitor will detect the failure and initiate recovery. This default action is chosen if the confi  guration variable RC_FOR_FAILED_MASTER_db_online in the confi  guration fi  le is set to other than 1 ( setting of “1” indicates that the cluster should stop if the initial start of the master fails).  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 86Note: The master resource group itself is configured not to attempt a restart and never to fall \n",
      "back. In case we have only one node available, and the db_online fails on this node, the cluster will log an error situation and stop processing. It will not continue to try to bring up the mas -\n",
      "ter repeatedly on the same node. For this situation a notification method should be enabled to inform the administrator instantly that the SAP liveCache database cannot be brought online.\n",
      "For certain environments it could make sense to exit the start script with an error (return code \n",
      "=1). PowerHA reacts on this return code stopping further actions and wait for manual interaction rather than attempting further recovery. T o handle this, a notification method should be enabled in PowerHA to inform the administrator instantly. \n",
      "The background of $LOCKFILE_DIR/MONITOR.run is described later in this chapter. The \n",
      "configuration for the RC_FOR_FAILED_MASTER_db_online variable is discussed in section 7.7.2.\n",
      "The state transition diagram show the state changes between mas -\n",
      "ter and slave database status. If the action is the result of a failover of an active database, the db_state at failover will be standby and \n",
      "the database will be brought online as master. If this is an initial start, the status of the master database will be offline and the data-base will be brought online as master and the slave as standby. An online master instance is untouched. This logic is encapsulated in the library LCutil. The function lc_start_master performs the required actions to bring the database service online accordingly to the state it detects. \n",
      "Note: During a startup, these actions are only performed by the \n",
      "cluster when LC10.start indicator has been set by SAP APO. OFF \n",
      "LINE\n",
      "ON \n",
      "LINESTAND\n",
      "BY\n",
      "Figure 7.7.2.2: Database state transition\n",
      "In the case of a shutdown, if the cluster or a resource group is stopped or the application requests SAP liveCache shutdown, the database is also returned back to offline state. If the database ap-\n",
      "plication fails, SAP liveCache itself will return the instance to offline status.\n",
      "In cases other than when a running Master is detected, the Slave is started by it’s cluster logic. \n",
      "The components covering this are the application monitor and the resource group relationships defined between Master and Slave. If an ONLINE Master is detected, action is taken to ensure the Slave is correctly connected and communicating with the Master instance. In this case, the standby liveCache instance is brought online via the Master.\n",
      "As the final action of a successful startup, the script starts the vserver process on the local node \n",
      "enabling network access to the instance. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 877.7.3 Starting sequence of the slave \n",
      "In case of the node being the slave, the script (fi  gure 7.7.3.1) intentionally always returns with \n",
      "success in regards to cluster processing. This is necessary to continue with cluster processing otherwise the complete cluster processing will stop with error and will require manual recovery. This logic takes into consideration the fact that the slave may have failed, but the SAP liveCache can continue without a standby and therefore the cluster processing is not stopped. The slave monitor will attempt the recovery of the slave.\n",
      "cl_lc_start SLA VE <SID> \n",
      "LC10.start \n",
      "exist \n",
      "/lib/LCutil.lc_start_slave \n",
      "clean up old slave instance if necessary \n",
      "start the secondary DB from the primary DB \n",
      "exit 0 Check: host runs  \n",
      "a slave which is  \n",
      "already \n",
      "registered  \n",
      "and working Write log entry /lib/LCutil.lc_start_slave  \n",
      "Detect running  \n",
      "primary DB on other node  Message – slave will not be  \n",
      "started without a running master or a running db on this node \n",
      "exit 0 Start vserver on all online nodes \n",
      "exit 0 \n",
      "Write ERROR log entry success Check:  \n",
      "Service IP  online \n",
      "on this node Message – slave will not be  \n",
      "started. Found Service IP  for a MASTER instance.  \n",
      "exit 0 Start vserver on this node \n",
      "Figure 7.7.3.1: Overview of the monitor state logic Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 887.7.4 Stopping  and cleanup of the SAP liveCache service cluster\n",
      "CL_LC_STOP\n",
      "cl_lc_stop MASTER <SID> \n",
      "/lib/LCutil.lc_stop_instance \n",
      "$LCBIN/dbmcli -d $SID -u \n",
      "$CONTROL_LOGIN db_of fline \n",
      "Exit 0 cl_lc_stop SLA VE <SID> \n",
      "Stop x_server process locally . \n",
      "Exit 0 \n",
      "Figure 7.7.4.1: Logic of the stop script\n",
      "The stop script (fi  gure 7.7.4.1) – which is also used with parameters to handle slave and master \n",
      "instances – is used in failover recovery and cluster shutdown. A failing master is taken offl  ine whereas the standby is left in standby status to complete any open failover transitions. If the standby were to be taken offl  ine, the data cache memory structure would be deactivated and would need to be rebuilt on restart. The objective is to avoid this overhead when transitioning the standby to master status. The standby should simply change status and assume the role of the master SAP liveCache. The cleanup of slave instances is done when starting a slave and in the cl_lc_clean script.\n",
      "CL_LC_CLEAN\n",
      "cl_lc_clean ST ART <SID> \n",
      "/lib/LCutil. lc_stop_instance \n",
      "Stop the standby instance Exit 0 cl_lc_clean ST OP <SID> \n",
      "Active \n",
      "stanby \n",
      "DB /lib/LCutil. lc_check_db_active Start x_server \n",
      " cleanup MONIT OR.* lock information.  \n",
      "Figure 7.7.4.2: Logic of the clean up script\n",
      "The clean script (fi  gure 7.7.4.2) is used to reset the cluster status during a shutdown of the cluster. \n",
      "The clean up script is driven by the log resource group. If the log_volume is being taken offl  ine, the slave will have to be stopped.  The slave resource group does not take any clean up action (by de-sign), but relies on the cleanup of the prerequisite resource group (the log) to ensure the consistent clean up of the service. This avoids any type of erroneous recovery attempt being triggered.\n",
      "At cluster startup, this script ensures that x_server process is online and the lock directory is cleaned. \n",
      "This script is used both for a resource group shutdown and start up with different actions and there-fore it is parameterized with “STOP <SID>” for shutdown, and “START <SID>” for start up. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 897.7.5 Overview of script structure\n",
      "Figure 7.7.5.1 shows an overview of the script structure and the confi  guration fi  le used by the \n",
      "cluster. These are usually located in the /usr/es/sbin/cluster/sap directory. The library is a group of general routines which are made available to the individual application scripts. The application scripts are those which are confi  gured in PowerHA as application servers and monitors of the resource groups. The sapha_env links the confi  guration fi  le sapha_<SID>.cfg and the libraries into the start, stop and monitor scripts along with other environment settings which are globally referenced. The sapha_<SID>.cfg confi  guration fi  le is used to adapt all the scripts accordingly to the SAP instance type, SID name, and other control setting from a single central reference.\n",
      "static codeLCutil\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instance\n",
      "cl_lc_clean\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancesapha_<SID>.cfg\n",
      "•SAP Instancenamesand numbers\n",
      "•SAP directories\n",
      "•SAP Functions\n",
      "•TimoutValues\n",
      "•…\n",
      "cl_sap_stop\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_sap_monitor\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_sap_start\n",
      "•Param: INSTANCE, SID\n",
      "•Starts SAP Instancecl_lc_stop\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_lc_monitor\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_lc_start\n",
      "•Param: INSTANCE, SID\n",
      "•Starts SAP Instancecl_<db>_stop\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_<db>_monitor\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_<db>_start\n",
      "•Param: INSTANCE, SID\n",
      "•Starts SAP Instance<DB>util\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP InstanceSAPutil\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instanceutil\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancelog\n",
      "•Writestandardizedlog   \n",
      "files\n",
      "Scripts to beconfiguredin theapplicationmonitorsfortheressourcegroupsLibraryLCutil\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instance\n",
      "cl_lc_clean\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_sap_stop\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_sap_monitor\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_sap_start\n",
      "•Param: INSTANCE, SID\n",
      "•Starts SAP Instancecl_lc_stop\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_lc_monitor\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_lc_start\n",
      "•Param: INSTANCE, SID\n",
      "•Starts SAP Instancecl_<db>_stop\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_<db>_monitor\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_<db>_start\n",
      "•Param: INSTANCE, SID\n",
      "•Starts SAP Instance<DB>util\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP InstanceSAPutil\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instanceutil\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancelog\n",
      "•Writestandardizedlog   \n",
      "files\n",
      "Scripts to beconfiguredin theapplicationmonitorsfortheressourcegroupsLibraryCentral \n",
      "adap tionfor\n",
      "instancesand SIDssapha_<SID>.cfg\n",
      "•SAP Instancenamesand numbers\n",
      "•SAP directories\n",
      "•SAP functions\n",
      "•TimoutValues\n",
      "•…\n",
      "sapha_env\n",
      "•CreateLogginginfrastructure\n",
      "•Loadlibraryas required\n",
      "•Set Path\n",
      "Figure 7.7.5.1: Structure of PowerHA scripts\n",
      "7.7.6 Monitor logic and the monitor states\n",
      "This section is provided for reference only. It describes the logic used for the master‘s application monitors. The solution provided here was done for PowerHA 7.1 and may well be implemented differently in the offi  cial PowerHA version. \n",
      "PowerHA provides a structure that drives the application monitor scripts according to specifi  c \n",
      "events which it monitors at low level (such as infrastructure failures) or according to confi  gu-red settings.  The scripts which support the application do not communicate with each other in any direct control fl  ow and these scripts are also invoked as stateless. For a complex application  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 90 sequence such as a HotStandby, this statelessness can lead to some unpredictable behavior as re -\n",
      "sult of pure circumstantial timing. T o counter this, a design has been implemented which provi-\n",
      "des state information across iterations of the status monitor so that it is possible to determine the first iteration from consequent iterations. A synchronization status is also implemented between the startup script and the runtime monitor.\n",
      "In the design for PowerHA 7.1 both a startup and a runtime monitor are implemented. There \n",
      "were three determining reasons which lead to this solution:\n",
      "1) Before the start script is called, PowerHA 7.1 uses the highest priority monitor to va -\n",
      "lidate that the application is not already started. If no startup monitor is available, the runtime monitor is used for this purpose as well. This would increase the complexity of the runtime monitor as it would need to cope for both roles.\n",
      "2) PowerHA 7.1 starts the runtime monitor in parallel with the start script which can lead to a race condition if the runtime monitor begins looking at the database status while the start script is still bringing it online.\n",
      "3) T o avoid the race condition, the runtime monitor could be purposely delayed to give the start script sufficient time to complete, which would then mean its reaction time to a failure would also be delayed. As the startup time for the application can vary considerably, dependent on the necessary actions, the monitor delay would need to be generous. As the recovery time of the SAP liveCache is critical for the overall applica -\n",
      "tion this time must be minimized and therefore a long delay in the runtime monitor was not acceptable.\n",
      "Start-up MonitorIf a single monitor is used, it will need to behave differently during the initial check, during start up, and during runtime. The first iteration determines whether the application is running and must return a negative (error RC) in order to trigger the startup. After the initial check, an error return code will trigger a failover. As the monitor is stateless, this provides a challenge.\n",
      "The design implemented ensures the following: \n",
      "1) \n",
      "The startup monitor is used for the initial check before the start script is called and always \n",
      "returns with RC of “1” to ensure the start script is called. Return code of 1 indicates to PowerHA that the application is not started and therefore the start script is triggered.\n",
      "2) The startup monitor gives the application some time to begin the start up and to get past the state of OFFLINE into one of the transient states or even to complete the start up and achieve the ONLINE status. Then it hands over to the runtime monitor by exiting with RC=” 0”. Return code “0” tells PowerHA that the startup was success -\n",
      "ful and that the runtime monitor can now take over. The startup monitor only runs for a startup or at failover. Once the startup sequence is completed, the runtime monitor begins cyclic monitoring for a failure situation.\n",
      "3) Starting the runtime monitor early minimizes the delay in starting the runtime moni -\n",
      "tor as soon as the application is ready. This improves the reaction time to any failure.  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 91The startup monitor uses a monitor status to differentiate between the initial iteration and any \n",
      "subsequent iteration. In the proof of concept, only two iterations were necessary – one to trigger the startup script and one to hand over to the runtime monitor. \n",
      "This design simplifies the behavior of the monitors. Not arming the runtime monitor before \n",
      "the start script returns avoids false failovers and this is covered by the handover approach. This approach is covered next.\n",
      "7.7.7 Handover and synchronization between monitor and startup\n",
      "Due to the design of PowerHA, which starts the runtime monitor in parallel with the startup script, a synchronization mechanism has been established between the startup monitor and the runtime monitor to avoid a race condition and to protect the start sequence. The lock is main -\n",
      "tained along with the LC10 lock in the shared repository (specified in the configuration script variable $LOCKFILE_DIR). The following picture will outline the state change of the lock.\n",
      "The start up script (cl_lc_start for a master instance), and both monitors for the master \n",
      "( cl_lc_startupmonitor, cl_lc_monitor) and the  start time cleanup script (cl_lc_clean START) react to and alter the synchronization states depicted in figure 7.7.7.1. In this figure, the final state depicted  is actually a transitory situation and not an actual state. If the startup status of the application itself in successful and the database is online, then either of the states (runtime or run) can directly transition to the online status.  This will only be done by the master runtime monitor. This action is described in the script logic below.\n",
      "-\n",
      "MONIT OR\n",
      ".startup\n",
      "MONIT OR.\n",
      "runtime-\n",
      "MONIT OR\n",
      ".run\n",
      "MONIT OR.\n",
      "runtime\n",
      "run\n",
      "Figure 7.7.7.1: Monitor state transition Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 92cl_lc_clean START:\n",
      "when the cluster is restarted, it needs to be ensured that any previous lock information is cleaned up. The clean up script is invoked as one of the first activities in the startup sequence and it resets all monitor status. This reset is depicted by the dotted line in figure 7.7.7.1.\n",
      "cl_lc_startupmonitor:\n",
      "This monitor is called exactly two times by PowerHA processing. The first time it is called it sets the MONITOR.startup state in order to know it has already been called once. \n",
      "The second time it changes the status from MONITOR.startup to MONITOR.runtime. Mo -\n",
      "nitor runtime is information intended for the runtime monitor to inform it that the startup \n",
      "sequence may still be in progress. After these two iterations, the startup monitor returns “0” to PowerHA which signals PowerHA that it can start the runtime monitor. The runtime monitor (cl_lc_monitor) will run periodically from now on as long the cluster does not move the resource group. This monitor is the only consumer of the state startup, which differentiates the first from the second iteration.\n",
      "cl_lc_start MASTER:\n",
      "This script is triggered by PowerHA after the first iteration of the startup monitor. When the db_online command returned with success (representing an ONLINE master SAP liveCache instance) it sets MONITOR.run just before exiting back to PowerHA. If the  db_online re -\n",
      "quest fails, there are two options on how to proceed. The option selected is determined by the configuration of the variable  RC_FOR_FAILED_MASTER_db_online. The default case for RC_FOR_FAILED_MASTER_db_online = 0. This would result in the script setting the state to MONITOR.run and exiting with RC=0. In this case it is left to the runtime monitor to discover an error status – a monitor status of RUN but no online database. \n",
      "The second option, resulting from  RC_FOR_FAILED_MASTER_db_online = 1,  is to reset the \n",
      "state and remove all locks and exit with a failure. This script does not consume any lock informa -\n",
      "tion it only sets the state to RUN or cleans up all status as part of failure.\n",
      "cl_lc_monitor MASTER:\n",
      "This is the cyclic runtime monitor. As  soon as the runtime monitor encounters the status of MONITOR.run, indicating that the startup sequence is completed, it removes all remaining lock status and normal monitoring is enabled. In case only MONITOR.runtime is found, indicating the start sequence may still be in progress, it checks the status of the database and if the databa -\n",
      "se is online, it can proceed to clean up and enable normal monitoring. If any other DB state is found, it assumes the startup sequence is still in progress and takes no further action.This monitor is the only consumer of the states run and runtime.\n",
      "The following picture shows the call sequence of the scripts, the state relevance for the scripts, \n",
      "and the action taken by PowerHA as a result of the return codes in a bit more detail. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 937.7.8 Logic of the monitor synchronization\n",
      "- startup\n",
      "runtimeRC=1\n",
      "RC0\n",
      "RC1 RC0DB Online ok or\n",
      "RC_FOR_FAI LED_MASTER_db_online= 0First ite ration  \n",
      "2nd iteration runtime\n",
      "-RC01\n",
      "3\n",
      "run -\n",
      "RC_FOR_FAI LED_MASTER_db_online= 1run\n",
      "24Pictur e shows processing with LC10.start flag  \n",
      "for database service activation.\n",
      "db OFFLINEdb ONLIN E5\n",
      "6\n",
      "RC1db ONLIN EStartupMonitor:\n",
      "cl_lc_startupmonitorMASTER\n",
      "Startscr ipt:\n",
      "cl_lc_startMASTERRuntimeMonitor:\n",
      "cl_lc_monitorMASTER\n",
      "Figure 7.7.8.1: Overview of the monitor state logic\n",
      "1) When the cluster starts moving the master resource group as a result of a cluster \n",
      "startup or a failover, the lock should be empty or at least is should never contain the state startup. PowerHA uses the startup monitor to check if the application is already running or if cl_lc_start MASTER SID should be called. The start script will only be executed by PowerHA if the start up monitor indicates the application is not currently active (by returning a RC=1). As we want the application start script to be triggered, we always return RC=1. T o indicate the start script has been called once the lock state is set to MONITOR.startup.\n",
      "2) In the case that the start script exits the dbmcli db_online command with OK, indica -\n",
      "ting the SAP liveCache instance has been set online, it sets MONITOR.run which can coexist with the MONITOR.runtime later indicated by the transitory status of MO -\n",
      "NITOR.run* in the state diagram in figure 7.7.7.1. This informs the runtime monitor later on that the startup phase is completed. The runtime monitor is now enabled to react to a database status outside the expected ONLINE status with a failover. \n",
      " This lock MONITOR.run ensures that no race condition occurs between the startup script and the application runtime monitor. In case the start script fails to bring the database online, there are two possible reaction paths. The reaction is determined by  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 94the setting of the parameter variable RC_FOR_FAILED_MASTER_db_online in the \n",
      "configuration file. Either the liveCache service will be stopped with error, or (default) the initial startup will be handled by the runtime monitor. \n",
      "3) PowerHA waits a configured amount of time before invoking the startup monitor in the next iteration. PowerHA will do this until the startup monitor returns RC=0 (indi -\n",
      "cating success). Since we want to call it only twice, we always return “0” on the second iteration. as MONITOR.startup status and update the lock information to MONI -\n",
      "TOR.runtime. PowerHA ensures that this step happens before the runtime monitor is called. \n",
      "4) From this point on, PowerHA will use the runtime monitor and will not call the star -\n",
      "tup monitor.\n",
      "5) The runtime monitor will see the lock and will give the application time to start up. This solves timing issues which could result in false failovers. Of course a failed startup must be handled. This is covered in cl_lc_start MASTER <SID> start script logic if RC_FOR_FAILED_MASTER_db_online = 1 or by the runtime monitor with some delay if RC_FOR_FAILED_MASTER_db_online = 0. The SAP command line inter -\n",
      "face used to request the database to come online ( dbmcli db_online) will only return RC=0 if the database has come up with a running database in ONLINE state. \n",
      "6) As soon the database is online the lock is removed and normal monitoring starts until the next monitoring event (indicated by a RC=1) triggers a failover of the resource group.\n",
      "Note: The transition between the lock states run, runtime, run* before they are removed is a timing question between monitor frequency of the startup monitor and finishing the startscript. Several state combinations can lead to a successful transition to normal monitoring. Important is that the startup sequence is coordinated and results in an online database.\n",
      "Note: the startup monitor must only be used for master instances.\n",
      "7.7.9 SSH authorization from Hot Standby to SAN Volume Controller\n",
      "The series of steps described here are not extremely intuitive so they must be followed as docu -\n",
      "mented. The end result is that the AIX user, sdb will be able to access the SAN Volume Control-\n",
      "ler server with the user admin and carry out the necessary commands to drive the LC to storage integration.\n",
      "Setting up the keys on AIX\n",
      "The user on AIX Hot Standby side is sdb. The keys are generated from this user.\n",
      "From root, change to the sdb user using the following command.\n",
      "su - sdb Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 95Now generate the SSH keys using the following command.\n",
      " ssh-keygen -t rsa \n",
      "There should now be a directory under /home/sdb names .ssh\n",
      "# ls /home/sdb\n",
      ".profile          .sh_history       key.bk            smit.script.sdb              .ssh\n",
      "Ensure that the owner is sdb.sdba for both this directory and all files in it\n",
      "cd .ssh# ls -ltotal 24-rw-------    1 sdb      sdba           1675 Nov  3 19:02 id_rsa-rw-------    1 sdb      sdba            392 Nov  3 19:02 id_rsa.pub-rw-r--r--    1 sdb      sdba            442 Nov 15 19:53 known_hosts\n",
      "This directory will need to be copied to all the LC servers participating in SAN Volume Cont-\n",
      "roller communication.After copying, ensure that the authorizations are granted for sdb.sdba on all Hot Standby servers.\n",
      "From the laptop, upload the public key in binary format through FTP or by other possible me -\n",
      "ans. The key will have the following name:\n",
      " is_rsa.pub \n",
      "This key will now need to be loaded in the SAN Volume Controller.Setting up the SAN Volume Controller with the public key accessLogin to the SAN Volume Controller through the browser and create a user with the following \n",
      "characteristics: No password, local authentication, and SSH.\n",
      "Figure  7.7.9.1: SVC user administration Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 96Browse for the SSH public key file and add the public key loaded up from the AIX server.\n",
      "Figure  7.7.9.2: SVC  user group administration\n",
      "T esting the access from AIX to SAN Volume Controller\n",
      "Regardless of the user you specified, you must login using the ID as admin from the liveCache server.From user sdb, enter ssh admin@<IP address of SAN Volume Controller server>\n",
      "$ ssh admin@svc_isicc\n",
      "IBM_2145:svc_isicc:admin> Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 978 Summary and Conclusions  \n",
      "The results of the tests on this end-to-end high-availability infrastructure for SAP APO have \n",
      "demonstrated a robust, reliable, and very responsive solution infrastructure for mission critical implementations. The behavior and recoverability of the ATP check design far exceeded our hopes and expectations. That an open order using ATP checking per line item could continue as though nothing had happened even though it spanned the failure and recovery of major SAP APO components surprised and delighted almost everyone. The benefits this offers to both on -\n",
      "line order entry, and complex integrated solutions is nearly continuous availability, with no appli-cation level recovery requirements beyond the reactivation of asynchronous CIF queues (which are outside of the transactional critical path). The confirmation of data consistency following the cancellation of a high volume demand plan -\n",
      "ning run due to component failure proves that the system automatically recovered to such a state that the batch planning jobs and simply be restarted. The batch restart can be initiated within minutes of the failure, which helps to ensure the overnight production planning runs within a tight window of time. The jobs will restart from the beginning, but operations can bypass much of the prerequisite recovery overhead which can represent a major delay.\n",
      "The selection of components to support the high-availability and cluster solutions have proven a \n",
      "very viable reference architecture stack, which can take full advantage as well of all the strengths of the Power systems virtualization and flexibility. The PowerVM functionality provides a very strong high-availability infrastructure with an eye on TCO.\n",
      "Based on new functionalities in Power7, additional tests were performed in regards to large SCM \n",
      "systems which are published in a related document. These include the benefits of Active Memory Expansion for large application memory footprints such as the database and liveCache. These tests also demonstrate the option of using Live Partition Mobility to extend the continuous avai -\n",
      "lability of the SCM system. LPM allows a running LPAR to be relocated across machine bound-aries and thereby enabling physical server maintenance without application down time. This is beneficial for SCM even if there is a sufficient downtime window, as this method would   not require the (sometimes very large) memory resident data cache to be rebuilt and refilled as would be the case with an actual stop and restart of the APO application. \n",
      "The SAP Supply Chain Management Advance Planning and Optimization application has an \n",
      "optimal infrastructure on Power. PowerVM provides resource sharing between the compo-nents (database, liveCache, application servers) according to the load requirements and is able to realign with a change in load distribution. Considering the various scenarios running in the planning cycle of APO, including demand planning, supply and network planning, production planning and detailed scheduling, and service parts planning (Spare Parts Management), there are a number of load distribution profiles which can run in a single system and in a single plan -\n",
      "ning cycle. PowerVM provides excellent load consolidation and automatic (nearly instantaneous) resource realignment according to load requirements.\n",
      "With this reference architecture, the SAP SCM APO achieves “end to end” high availability on \n",
      "top of all the virtualization benefits provided by PowerVM. It takes advantage of the clustering  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 98benefits of Tivoli SA MP for both SAP central services recovery, and extremely fast database \n",
      "recovery using the DB2 HADR.And finally, SAP SCM APO is given a boost of functionality with the extended high availability option of PowerHA SAP liveCache Hot Standby, completing the HA coverage for all compo-nents. This solution provides the integration of SAP liveCache with IBM storage functionality in support of a Hot Standby liveCache in synchronization with the primary server both on disk and in memory. The solution also takes advantage of state-of-the-art storage virtualization. The flexibility of the SAN Volume Controller for storage virtualization allows running applications to be moved between storage servers “on the fly”. This allows storage systems to be extended or replaced without application down-time. In addition, the mirroring functionality of the SVC can be used to ensure uninterrupted production in SCM even if a complete storage server should fail.\n",
      "This proof of concept presents a fully tested end-to-end infrastructure which is proven to be an \n",
      "extremely solid basis for mission critical supply chain management.\n",
      "9 Appendix\n",
      "9.1\t Related\tdocuments\tand\tsources\tof\tfurther\tinformation\n",
      "An IBM RedBook is available online with details on the functionality of PowerHA 7.1.http://www.redbooks.ibm.com/abstracts/sg247845.html?Open\n",
      "SAP liveCache Hot Standby command set can be found at the website below: \n",
      "http://maxdb.sap.com/doc/7_7/45/0f77bbe82f29efe10000000a114a6b/frameset.htm\n",
      "Further information on the SAP liveCache command line and DBMGUI tool.\n",
      "Command Line (dbmcli):\n",
      "http://help.sap.com/saphelp_nwpi711/helpdata/en/a3/b2462a9ef05c41922b8092257a2e2c/frameset.htm\n",
      "  DBMGUI: \n",
      "http://help.sap.com/saphelp_nwpi711/helpdata/en/a3/b2462a9ef05c41922b8092257a2e2c/frameset.htm\n",
      "(use version 7.6 and higher) Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 999.2\t \tSAP\tliveCache\tversions\n",
      "The proof of concept was executed using two different version of SAP liveCache:\n",
      "• 7.7.07.17\n",
      "• 7.7.07.26\n",
      "Upgrade to SP16 (7.7.07.26) was done due to a known problem in failover recovery in versions \n",
      "prior to support pack 16 that which did occur in the testing. \n",
      "9.3\t \tAIX,\tPowerHA,\tand\tJava\tversions\t\n",
      "The proof of concept started with PowerHA version 6.1 and then migrated to version 7.1.The version that will provide the official support for SAP liveCache with HotStandby will be closer to 7.1 and the logic implemented for 7.1 will be carried forward into the product.\n",
      "1) bos packets (6100-04-03-cluster)\n",
      "Smitty nim p install software  lppsource_61TL04SP02\n",
      " bos.adt.syscalls  5.3.7.0   # Base Level Fileset\n",
      " bos.adt.libm   6.1.2.0   # Base Level Fileset\n",
      " bos.adt.syscalls  6.1.2.0   # Base Level Fileset\n",
      " bos.data   5.3.0.0   # Base Level Fileset\n",
      " bos.net.nfs.server  5.3.7.0   # Base Level Fileset\n",
      " bos.clvm  p for concurrent access to logical volumes \n",
      " bos.rte.lvm  p for concurrent access to logical volumes\n",
      "2) PowerHA 6.1 + all available APARs for high availability\n",
      " AIX 6.1 TL05 SP03\n",
      " cluster.doc.en_US.es.html 6.1.0.0  HAES Web-based HTML\n",
      " cluster.doc.en_US.es.pdf 6.1.0.0  HAES PDF Documentation – United States\n",
      " cluster.es.cfs.rte  6.1.0.0  ES Cluster File System Support\n",
      " cluster.es.client.clcomd 6.1.0.2  ES Cluster Communication\n",
      " cluster.es.client.lib  6.1.0.1  ES Client Libraries\n",
      " cluster.es.client.rte  6.1.0.2  ES Client Runtime\n",
      " cluster.es.client.utils  6.1.0.1  ES Client Utilities\n",
      " cluster.es.csPoC.cmds 6.1.0.2  ES CSPOC Commands\n",
      " cluster.es.csPoC.dsh  6.1.0.0  ES CSPOC dsh\n",
      " cluster.es.csPoC.rte  6.1.0.2  ES CSPOC Runtime Commands\n",
      " cluster.es.nfs.rte  6.1.0.1  ES NFS Support\n",
      " cluster.es.plugins.dhcp 6.1.0.0  ES Plugins – dhcp\n",
      " cluster.es.plugins.dns  6.1.0.0  ES Plugins – Name Server\n",
      " cluster.es.server.cfgast 6.1.0.0  ES T wo-Node Configuration\n",
      " cluster.es.server.diag  6.1.0.2  ES Server Diags\n",
      " cluster.es.server.events 6.1.0.2  ES Server Events\n",
      " cluster.es.server.rte  6.1.0.2  ES Base Server Runtime\n",
      " cluster.es.server.utils  6.1.0.2  ES Server Utilities\n",
      " cluster.es.worksheets  6.1.0.0  Online Planning Worksheets\n",
      " cluster.license   6.1.0.0  HACMP Electronic License\n",
      " cluster.es.client.clcomd 6.1.0.2  ES Cluster Communication\n",
      " cluster.es.client.lib  6.1.0.1  ES Client Libraries\n",
      " cluster.es.client.rte  6.1.0.2  ES Client Runtime Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 100 cluster.es.PoC.rte  6.1.0.0  ES CSPOC Runtime Commands\n",
      " cluster.es.nfs.rte  6.1.0.1  ES NFS Support\n",
      " cluster.es.server.diag  6.1.0.0  ES Server Diags\n",
      " cluster.es.server.events 6.1.0.0  ES Server Events\n",
      " cluster.es.server.rte  6.1.0.2  ES Base Server Runtime\n",
      " cluster.es.server.utils  6.1.0.2  ES Server Utilities\n",
      " cluster.man.en_US.es.data 6.1.0.0  ES Man Pages – U.S. English\n",
      "3) PowerHA 7.1 – Used for SAP liveCache HotStandby\n",
      "AIX Level Used: 6100-06-03-1048\n",
      "cluster.doc.en_US.es.html 7.1.0.0  PowerHA SystemMirror Web-based\n",
      "cluster.doc.en_US.es.pdf 7.1.0.0  PowerHA SystemMirror PDF\n",
      "cluster.es.assist.common 7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.db2  7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.dhcp  7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.dns  7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.domino 7.1.0.0  PowerHA SystemMirror\n",
      "cluster.es.assist.filenet 7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.ihs  7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.MaxDB 7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.oracle 7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.sap  7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.tds  7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.cfs.rte  7.1.0.0  Cluster File System Support\n",
      "cluster.es.client.clcomd 7.1.0.0  Cluster Communication\n",
      "cluster.es.client.lib  7.1.0.0  PowerHA SystemMirror Client\n",
      "cluster.es.client.rte  7.1.0.0  PowerHA SystemMirror Client\n",
      "bos.cluster.solid  6.1.6.3  POWER HA Business Resiliency\n",
      "cluster.es.server.utils  7.1.0.0  Server Utilities\n",
      "cluster.es.worksheets  7.1.0.0  Online Planning Worksheets\n",
      "cluster.license   7.1.0.0  PowerHA SystemMirror\n",
      "bos.cluster.rte   6.1.6.3  Cluster Aware AIX\n",
      "bos.cluster.solid  6.1.6.0  POWER HA Business Resiliency\n",
      "cluster.es.client.wsm  7.1.0.0  Web-based Smit\n",
      "cluster.es.cspoc.rte  7.1.0.0  CSPOC Runtime Commands\n",
      "cluster.es.migcheck  7.1.0.0  PowerHA SystemMirror Migration\n",
      "cluster.es.nfs.rte  7.1.0.0  NFS Support\n",
      "cluster.es.server.diag  7.1.0.0  Server Diags\n",
      "cluster.es.server.events 7.1.0.0  Server Events\n",
      "cluster.es.server.rte  7.1.0.0  Base Server Runtime\n",
      "cluster.es.server.utils  7.1.0.0  Server Utilities\n",
      "cluster.man.en_US.es.data 7.1.0.0  Man Pages – U.S. English\n",
      "5) Java\n",
      "Install the required Java version. We used Java 1.4.2 SR13 for this scenario Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 1019.4\t Tivoli\tSA\tMP\tand\tDB2\tHADR\tversions\n",
      " IBM DB2:    V9.7 FP 2 \n",
      " SAP:\n",
      " SAP patch level for SAP\n",
      " (disp+work/and DBSL):  94\n",
      " kernel release    701\n",
      " compiled for    64 BIT\n",
      " compilation mode   UNICODE\n",
      "Tivoli System Automation for Multiplatforms: 3.2.1\n",
      "9.5\t \tPower\tSystems,\tAIX,\tand\tstorage\tversions\n",
      "Firmware version: IBM,AL720_066\n",
      "AIX: Both, 6100-05-03-1036 and AIX 6.1 TL05 SP03 testedSAN Volume Controller Level 6.1.0.5 Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 10210 Copyrights and Trademarks\n",
      "© IBM Corporation 1994-2005. All rights reserved. References in this document to IBM  \n",
      "products or services do not imply that IBM intends to make them available in every country.\n",
      "The following terms are trademarks of International Business Machines Corporation in the  \n",
      "United States and/or other countries: Advanced Micro-Partitioning,\n",
      "AIX/L(logo), AIX 5L, DB2 Universal Database, eServer, i5/OS, IBM Virtualization Engine, Micro-Partitioning, iSeries, POWER, POWER4, POWER4+, POWER5,POWER5+, POWER6. POWER7\n",
      "A full list of U.S. trademarks owned by IBM may be found at:\n",
      "http://www.ibm.com/legal/copytrade.shtml\n",
      "UNIX is a registered trademark of The Open Group in the United States and other countries.\n",
      "Linux is a trademark of Linus T orvalds in the United States, other countries, or both.\n",
      "SAP , the SAP logo, SAP NetWeaver, and ABAP are trademark(s) or registered trademark(s) of \n",
      "SAP AG in Germany and in several other countries.\n",
      "More information about SAP trademarks can be found at:\n",
      "http://www.sap.com/company/legal/copyright/trademark.asp\n",
      "Oracle is a registered trademark of Oracle Corporation and/or its affiliates.Other company, product or service names may be trademarks or service marks of others.Information is provided “AS IS” without warranty of any kind.Information concerning non-IBM products was obtained from a supplier of these products, \n",
      "published announcement material, or other publicly available sources and does not constitute an endorsement of such products by IBM. Sources for non-IBM list prices and performance num -\n",
      "bers are taken from publicly available information, including vendor announcements and vendor worldwide homepages. IBM has not tested these products and cannot confirm the accuracy of performance, capability, or any other claims related to non-IBM products. Questions on the capability of non-IBM products should be addressed to the supplier of those products. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 10311 Disclaimer and Special Notices\n",
      "This information could include technical inaccuracies or typographical errors. Changes are \n",
      "periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.\n",
      "Any references in this information to non-IBM Web sites are provided for convenience only and \n",
      "do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk.\n",
      "Any performance data contained herein was determined in a controlled environment. There-\n",
      "fore, the results obtained in other operating environments may vary significantly. Some measure-ments may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurement may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment.\n",
      "Information concerning non-IBM products was obtained from the suppliers of those products, \n",
      "their published announcements or other publicly available sources. IBM has not tested those pro -\n",
      "ducts and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.\n",
      "This information contains examples of data and reports used in daily business operations. T o \n",
      "illustrate them as completely as possible, the examples include the names of individuals, compa -\n",
      "nies, brands, and products.\n",
      "All of these names are fictitious and any similarity to the names and addresses used by an actual \n",
      "business enterprise is entirely coincidental.\n",
      "COPYRIGHT LICENSE:\n",
      "This information contains sample application programs in source language, which illustrate pro -\n",
      "gramming techniques on various operating platforms. You may copy, modify, and distribute these sample programs in any form without payment to IBM, for the purposes of developing, using, marketing or distributing application programs conforming to the application programming interface for the operating platform for which the sample programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of these programs\n",
      "ANY INFORMATION HEREIN IS PROVIDED “AS IS” WITHOUT WARRANTY OR \n",
      "INDEMNIFICATION OF ANY KIND BY IBM AND DO NOT ANY EXPRESS OR IMPLIED, WARRANTIES OR CONDITIONS OF MERCHANTABILITY, FITNESS OR USAGE FOR PARTICULAR PURPOSE AND ANY WARRANTY OR CONDI-TION OF NON-INFRINGEMENT. ISICC PRESS CTB-2011-1.2\n",
      "IBM SAP International Competence Center, Walldorf \n",
      "\n",
      "\n",
      "\n",
      "\n"
     ]
    }
   ],
   "source": [
    "# iterate the nested dictionaries inside the [\"hits\"][\"hits\"] list\n",
    "for num, doc in enumerate(all_hits):\n",
    "    #print (\"DOC ID:\", doc[\"_id\"], \"--->\", doc, type(doc), \"\\n\")\n",
    "    \n",
    "    print (\"DOC URL:\", doc[\"_source\"][\"url\"], \"--->\", \"\\n\")\n",
    "    print (\"DOC Source:\", doc[\"_source\"][\"published_source\"], \"\\n\")\n",
    "    print (\"DOC content:\", doc[\"_source\"][\"content\"], \"\\n\")\n",
    "    \n",
    "\n",
    "    # print a few spaces between each doc for readability\n",
    "    print (\"\\n\\n\")\n",
    "    break\n",
    "    "
   ]
  },
  {
   "cell_type": "markdown",
   "id": "4c606438",
   "metadata": {},
   "source": [
    "### 2. Match With Data with Query in data"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 12,
   "id": "3d371712",
   "metadata": {},
   "outputs": [],
   "source": [
    "### Search with specific query\n",
    "search_query2 = {\n",
    "  \"query\": {\n",
    "    \"bool\": {\n",
    "      \"must\": {\n",
    "        \"match\": {\n",
    "          \"content\": \"A 2-node IBM Sterling B2B Integrator (SBI) clustered solution is being designed. The customer will initiate connections with external partners using HTTP, FTP and SFTP protocols. For load balancing and fail over purposes 2 client adapters for each protocol are configured on each node and Service Groups are being used. How many Service Groups will be required?\"\n",
    "        }\n",
    "      }\n",
    "    }\n",
    "  }\n",
    "}"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 13,
   "id": "bd8bd017",
   "metadata": {},
   "outputs": [],
   "source": [
    "# Perform the initial search to obtain the first batch of results\n",
    "response = es_client.search(\n",
    "    index=index_name,\n",
    "    body=search_query2,\n",
    "    scroll='5m',  # Set the scroll timeout (e.g., 5 minutes)\n",
    "    size=10  # Set the number of documents to retrieve per scroll\n",
    ")"
   ]
  },
  {
   "cell_type": "markdown",
   "id": "d8e561ff",
   "metadata": {},
   "source": [
    "### 3. Filter Query \n",
    "Query which has only Redbooks data"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 15,
   "id": "781b21a7",
   "metadata": {},
   "outputs": [],
   "source": [
    "search_query3 = {\"query\": {\n",
    "    \"bool\": {\n",
    "      \"filter\": [\n",
    "        {\n",
    "          \"term\": {\n",
    "            \"published_source\": \"Redbooks\"\n",
    "          }\n",
    "        }\n",
    "      ]\n",
    "    }\n",
    "  }}"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 16,
   "id": "0678571b",
   "metadata": {},
   "outputs": [],
   "source": [
    "# Perform the initial search to obtain the first batch of results\n",
    "response = es_client.search(\n",
    "    index=index_name,\n",
    "    body=search_query3,\n",
    "    scroll='5m',  # Set the scroll timeout (e.g., 5 minutes)\n",
    "    size=10  # Set the number of documents to retrieve per scroll\n",
    ")"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 17,
   "id": "cb7491ff",
   "metadata": {},
   "outputs": [
    {
     "name": "stdout",
     "output_type": "stream",
     "text": [
      "DOC ID: 8rPQRIkBf6jOYblFcw91 ---> {'_index': 'superknowa', '_type': '_doc', '_id': '8rPQRIkBf6jOYblFcw91', '_score': 134.61635, '_source': {'id': 'sg247992', 'published_source': 'Redbooks', 'publish_date': '2012-07-21', 'last_update_date': '2023-07-11', 'indexing_date': '2023-07-11', 'content': ' ibm.com /redbooksIBM® WebSphere®  Front cover\\nEnd-to-end Integration with \\nIBM Sterling B2B Integration and Managed File Transfer Solutions\\nJames Ballentine\\nClaudemir Braghirolli\\nVasfi Gucer\\nRahul Gupta\\nJames B Herry\\nRichard Kinard\\nGianluca Meloni\\nBala Sivasubramanian\\nEduardo Ribeiro de Souza\\nFrank Strecker\\nGang YinImplement an end-to-end integration with \\nIBM Sterling and WebSphere Portfolios\\nLearn how to design a B2B solution for \\nsmall and large partners\\nExperiment with real life \\nscenarios  International Technica l Support Organization\\nEnd-to-end Integration with IBM Sterling B2B \\nIntegration and Managed File Transfer Solutions\\nJuly 2012\\nSG24-7992-00 © Copyright International Bu siness Machines Corporation 2012. All rights reserved.\\nNote to U.S. Government Users Restri cted Rights -- Use, duplication or di sclosure restricted by GSA ADP Schedule\\nContract with IBM Corp.First Edition (July 2012)\\nThis edition applies to  the following products:\\n- IBM Sterling B2B Integrator Version 5.2.3\\n- IBM Sterling File Gateway Version 2.2.3\\n- IBM Sterling Connect:Direct Version 4.6- IBM WebSphere Message Queue Version 7.0.1\\n- IBM WebSphere Message Broker Version 8.0\\n- IBM WebSphere Transformation Extender Design Studio Version 8.4- IBM WebSphere Transformation Extender for Integration Servers Version 8.4\\n- IBM WebSphere DataPower B2B Appliance XB62 Version 4.0.2.1Note: Before using this information and the product it supports, read the information in “Notices” on \\npage vii. © Copyright IBM Corp. 2012. All rights reserved. iiiContents\\nNotices  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii\\nTrademarks  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii\\nPreface  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix\\nThe team who wrote this book . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix\\nNow you can become a published author, too!  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi\\nComments welcome. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xii\\nStay connected to IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xii\\nPart 1.  Introducing the proposed solution architecture  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1\\nChapter 1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3\\n1.1  Scope  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5\\n1.2  How to use this book. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5\\n1.3  Products used . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  . . 5\\n1.4  Intended audience. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  . 7\\n1.5  Conceptual architecture  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8\\n1.6  Business benefits  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9\\n1.7  Overview of scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 0\\n1.8  Lab environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  10\\nChapter 2.  Enabling seamless and secure integration inside and outside of the \\nenterprise  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13\\n2.1  What are the business requirements?  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14\\n2.1.1  Basic concepts and design forces: A gentle introduction . . . . . . . . . . . . . . . . . . . 142.1.2  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 7\\n2.2  Secure cooperation with business partners  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17\\n2.2.1  Technical security function . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182.2.2  Gateway function  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19\\n2.2.3  Technology choices  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20\\n2.2.4  Small enterprises  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27\\n2.2.5  Medium and large enterprises. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27\\n2.3  Seamless integration inside the enterprise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29\\n2.3.1  Connectivity matters: Messaging  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29\\n2.3.2  WebSphere MQ  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30\\n2.3.3  Enterpri se Service Bus (ESB): Enab ler for Service Oriented Architecture . . . . . . 33\\n2.3.4  IBM ESB products. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36\\n2.3.5  Technology choices  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38\\n2.3.6  Small enterprises  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402.3.7  Medium and large enterprises. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42\\nChapter 3.  Connecting with your partners and managing your communication  . . . . 45\\n3.1  What are the business requirements?  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46\\n3.2  Typical scenarios and implementation  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46\\n3.2.1  Sample scenario: IBM Sterling File Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463.2.2  Sample scenario: IBM Sterling Connect:Direct. . . . . . . . . . . . . . . . . . . . . . . . . . . 50\\n3.2.3  Sample IBM Sterling Control Center scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . 53\\n3.2.4  Sample IBM Sterling B2B Cloud Services scenario . . . . . . . . . . . . . . . . . . . . . . . 563.2.5  Sample WebSphere DataPower B2B Appliances XB62 scenario  . . . . . . . . . . . . 57 iv End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions3.3  Product information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  58\\n3.3.1  IBM Sterling File Gateway. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58\\n3.3.2  IBM Sterling Connect:Direct . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62\\n3.3.3  IBM Sterling B2B Cloud Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 643.3.4  IBM Sterling Control Center  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67\\nChapter 4.  Routing and transforming messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69\\n4.1  What are the business requirements?  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70\\n4.2  Message based integration choices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72\\n4.2.1  Message translator pattern . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 734.2.2  Messaging bridge pattern . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73\\n4.2.3  Message aggregator pattern. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73\\n4.2.4  Message splitter pattern . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 734.2.5  Message request/response correlator pattern  . . . . . . . . . . . . . . . . . . . . . . . . . . . 74\\n4.3  Product information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  74\\n4.3.1  WebSphere Message Broker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 744.3.2  WebSphere Transformation Extender. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81\\n4.3.3  WebSphere DataPower XB62 appliance  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99\\n4.3.4  Sterling B2B Integrator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100\\nPart 2.  Scenarios based on the proposed solution architecture  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101\\nChapter 5.  Health Insurance scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103\\n5.1  Business value  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  104\\n5.2  Prerequisites: Technical and infrastructure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104\\n5.2.1  Software prerequisites  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104\\n5.2.2  Skills prerequisites  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105\\n5.3  Presenting the healthcare scenario. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106\\n5.3.1  Inbound flow part 1: Sterling Secure Proxy/Sterling B2B Integrator/Sterling File \\nGateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107\\n5.3.2  Inbound flow part 2: WebSphere Message Broker/WebSphere Transformation \\nExtender . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108\\n5.3.3  Outbound flow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109\\n5.4  Configuring the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109\\n5.4.1  Scenario outline  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109\\n5.4.2  Scenario implementation  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110\\n5.5  Testing the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 65\\n5.5.1  Original message  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1655.5.2  Delivery to Sterling File Gateway and routing of the message . . . . . . . . . . . . . . 168\\n5.5.3  Processing of the message in Sterling B2B Integrator . . . . . . . . . . . . . . . . . . . . 169\\n5.5.4  Processing of the message in WebSphere Message Broker . . . . . . . . . . . . . . . 1725.5.5  Final message delivery to backend application. . . . . . . . . . . . . . . . . . . . . . . . . . 175\\n5.5.6  Delivery of the acknowledgement to the trading partner. . . . . . . . . . . . . . . . . . . 175\\n5.6  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  . 176\\nChapter 6.  Financial Services scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177\\n6.1  Business value  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  178\\n6.2  Prerequisites: Technical and infrastructure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178\\n6.2.1  Software prerequisites  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178\\n6.2.2  Skills prerequisites  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180\\n6.3  Presenting the Financial Services scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181\\n6.3.1  Alternate scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184\\n6.4  Configuring the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185\\n6.4.1  Installing and configuring the IBM Sterling B2B Integr ator . . . . . . . . . . . . . . . . . 185  Contents v6.4.2  Installing and configuring the IBM Ster ling File Gateway . . . . . . . . . . . . . . . . . . 198\\n6.4.3  Installing and configuring the IBM Sterling Connect Dir ect. . . . . . . . . . . . . . . . . 201\\n6.4.4  Installin g and configuring the IBM Sterling Connec t:Direct File Agent . . . . . . . . 205\\n6.4.5  Installing and configuring the IBM Ster ling Secure Proxy . . . . . . . . . . . . . . . . . . 208\\n6.4.6  Installing and configuring the IBM Ster ling Control Center . . . . . . . . . . . . . . . . . 214\\n6.4.7  Installing and configuring the IBM WebSphere Transformation Extender Design \\nStudio . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230\\n6.4.8  Installin g and configuring the IBM WebSp here Transformatio n Extender for \\nIntegration Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235\\n6.5  Testing the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 35\\n6.6  Extended scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 8\\n6.6.1  Business value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238\\n6.6.2  Additional prerequisites. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2386.6.3  Overview of the extension scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239\\n6.6.4  Alternate configurations  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240\\n6.6.5  Configuring the extended scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240\\n6.7  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  . 259\\nChapter 7.  Supply Chain scenario using AS2 and EDI  . . . . . . . . . . . . . . . . . . . . . . . . 261\\n7.1  Business value  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  262\\n7.2  Prerequisites: Technical and infrastructure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262\\n7.2.1  Software prerequisites  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2627.2.2  Skills prerequisites  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263\\n7.3  Presenting the scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263\\n7.3.1  Primary scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2637.3.2  Alternate scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264\\n7.4  Configuring the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265\\n7.4.1  Configuring the IBM WebSphere B2B Appliance XB62 . . . . . . . . . . . . . . . . . . . 2657.4.2  Configuring the IBM WebSphere Transformation Extender . . . . . . . . . . . . . . . . 290\\n7.4.3  Configuring IBM Sterling B2B Integrator. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301\\n7.5  Testing the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 07\\n7.5.1  Inbound flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308\\n7.5.2  Outbound flow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310\\n7.5.3  Viewing the test results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311\\n7.6  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  . 312\\nChapter 8.  IBM Sterling B2B Cloud Service scenarios  . . . . . . . . . . . . . . . . . . . . . . . . 313\\n8.1  File-based B2B cloud scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314\\n8.1.1  Business value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3148.1.2  Presenting the scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314\\n8.1.3  Configuring the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315\\n8.1.4  Testing the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3178.1.5  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323\\n8.2  EDI-based B2B cloud scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324\\n8.2.1  Business value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3248.2.2  Presenting the scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324\\n8.2.3  Configuring the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325\\n8.2.4  Testing the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3268.2.5  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331\\nAppendix A.  Additional material  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333\\nLocating the Web material . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333\\nUsing the Web material . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 4\\nSystem requirements for downloading the Web material . . . . . . . . . . . . . . . . . . . . . . . 334 vi End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsDownloading and extracting the Web material . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334\\nRelated publications  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335\\nIBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335\\nOnline resources  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335\\nHelp from IBM  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  . 336 © Copyright IBM Corp. 2012. All rights reserved. viiNotices\\nThis information was developed for products and services offered in the U.S.A. \\nIBM may not offer the products, services, or features di scussed in this document in other countries. Consult \\nyour local IBM representative for information on the products and services currently available in your area. Any \\nreference to an IBM product, program, or service is not intended to state or imply that only that IBM product, \\nprogram, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property ri ght may be used instead. However, it is the user\\'s responsibility to \\nevaluate and verify the operation of any non-IBM product, program, or service. \\nIBM may have patents or pending patent applications covering subject matter described in this document. The \\nfurnishing of this document does not give you any licen se to these patents. Y ou can send license inquiries, in \\nwriting, to: IBM Director of Licensing, IBM Corporation, North Castle Drive, Armonk, NY 10504-1785 U.S.A.\\nThe following paragraph does not apply to the United Kingdom or any other country where such \\nprovisions are inconsistent with local law:  INTERNATIONAL BUSINESS MACHINES CORPORATION \\nPROVIDES THIS PUBLICATION \"AS IS\" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR \\nIMPLIED, INCLUDING, BUT NOT LIMITED TO, TH E IMPLIED WARRANTIES OF NON-INFRINGEMENT, \\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOS E. Some states do not allow disclaimer of \\nexpress or implied warranties in certain transactions, therefore, this statement may not apply to you. \\nThis information could include technical inaccuracies or typographical errors. Changes are periodically made \\nto the information herein; these chan ges will be incorporated in new editions  of the publication. IBM may make \\nimprovements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. \\nAny references in this information to non-IBM websites are provided for convenience only and do not in any \\nmanner serve as an endorsement of those websites. The materials at those websites are not part of the \\nmaterials for this IBM product and use of  those websites is at your own risk. \\nIBM may use or distribute any of the information you supply in any way it believes appropriate without incurring \\nany obligation to you.\\nInformation concerning non-IBM products was obtained from the suppliers of those products, their published \\nannouncements or other publicly available sources. IB M has not tested those products and cannot confirm the \\naccuracy of performance, compatibility or any other cl aims related to non-IBM pr oducts. Questions on the \\ncapabilities of non-IBM products should be addr essed to the suppliers of those products.\\nThis information contains examples of  data and reports used in daily business oper ations. To illustrate them \\nas completely as possible, the examples include the nam es of individuals, companies, brands, and products. \\nAll of these names are fictitious and any similarity to the names and addresses used by an actual business \\nenterprise is entirely coincidental. \\nCOPYRIGHT LICENSE:\\nThis information contains sample application programs in  source language, whic h illustrate programming \\ntechniques on various operating platforms. Y ou may copy, modify, and distribute these sample programs in \\nany form without payment to IBM, for the purposes of developing, using, marketing or distributing application \\nprograms conforming to the application programming interf ace for the operating platform for which the sample \\nprograms are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, \\ncannot guarantee or imply re liability, serviceability, or function of these programs.  viii End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsTrademarks\\nIBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines \\nCorporation in the United States, other countries, or both. These and other IBM trademarked terms are marked on their first occurrence in this information with the appropriate symbol (® or ™), indicating US \\nregistered or common law trademarks owned by IBM at the time this information was published. Such \\ntrademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at http://www.ibm.com/legal/copytrade.shtml\\nThe following terms are trademarks of the International Business Machines Corporation in the United States, \\nother countries, or both: \\nCICS®\\nDataPower®\\nDB2®IBM®IMS™\\nRedbooks®\\nRedbooks (logo) ®Smarter Commerce™Tivoli®\\nWebSphere®\\nz/OS®\\nThe following terms are trademarks of other companies:\\nConnect:Direct, Connect:Enterprise, Gentran:Server, Sterling Integrator, and Sterling Commerce are \\ntrademarks or registered trademarks of Sterling Commerce, Inc., an IBM Company.\\nMicrosoft, Windows, and the Windows logo are trademarks  of Microsoft Corporation in the United States, \\nother countries, or both.\\nJava, and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its \\naffiliates.\\nIntel, Intel logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo, Celeron, Intel Xeon, Intel \\nSpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its \\nsubsidiaries in the United States and other countries. \\nOther company, product, or service names may be trademarks or service marks of others. \\n © Copyright IBM Corp. 2012. All rights reserved. ixPreface\\nAcross numerous vertical industries, enter prises are challenged to improve processing \\nefficiency as transactions flow from their business communities to their internal systems and vice versa, simplify management and expansion of the external communities, accommodate customer and supplier preferences, govern the flow of information, enforce policy and standards, and protect sensitive information. Thr oughout this process, external partners must \\nbe on-boarded and off-boarded, information must flow across multiple communications infrastructures, and data must be mapped and transformed for consumption across multiple applications. \\nSome transactions require synchronous or real-time processing while others are of a more \\nperiodic nature. For some classes of customer or supplier, the enterprise might prefer a locally-managed, on-premise solution. For some types of communities (often small businesses), an as-a-Service solution might be the best option. Many large enterprises combine the on-premise and as-a-Service approach to serve different categories of business partners (customers or suppliers.\\nThis IBM\\n® Redbooks ® publication focuses on solutions for end-to-end integration in complex \\nvalue chains and presents several end-to-end common integration scenarios with IBM Sterling and IBM WebSphere\\n® portfolios.\\nIt is not the goal of this publication to provide deep technical detail for every product, or to \\nprovide the singular best solution for any specific scenario, but rather to provide insight on how integration using the products can be accomplished.\\nWe first define a high level integration solution architecture and provide several examples of \\nhow this architecture can be applied to different industries.\\nWe believe that this publication will be a refe rence for IT Specialists and IT Architects \\nimplementing an integration solution architecture involving IBM Sterling and IBM WebSphere portfolios.\\nThe team who wrote this book\\nThis book was produced by a team of specialists from around the world working at the International Technical Support Organization, Raleigh Center.\\nJames Ballentine  is an Advisory Software Engineer for the IBM Sterling B2B Integrator \\nSupport Team, part of B2B Commerce Solutions of the IBM Industry Solutions group. He has worked as a support professional for IBM Sterling B2B Integrator for the past 7 years, 5 of which were spent as the team lead for the Database support team. Prior to joining this team, he had worked for nearly 10 years as a database administrator, designer, and developer in a variety of positions. He has extensive experience with RDBMS technologies, as well as various programming languages and associated technologies.\\nClaudemir Braghirolli  works at Customer Support, IBM Software Group, Commerce based \\nin São Paulo, Brazil, his native town. He has 19 years of experience with the products of IBM Sterling Connect:Direct family and 7 years of experience with IBM Sterling B2B Integrator. His areas of expertise include implementation and support of IBM Sterling Connect:Direct family products, support of IBM Sterling B2B Integrator, and development of applications under IBM Sterling B2B Integrator. x End-to-end Integration with IBM Sterling B2B Inte gration and Managed File Transfer SolutionsVasfi Gucer  is a Project Leader at the IBM International Technical Support Organization. He \\nhas been with the ITSO since January 1999. He has more than 12 years of experience in the areas of systems management, networking hardware, and software on mainframe and distributed platforms. He writes extensively and teaches IBM classes worldwide on IBM products. Vasfi is also an IBM Certified Senior IT Specialist, PMP , and ITIL Expert.\\nRahul Gupta   is an Advisory IT Specialist with IBM Global Technology Services in India. He \\nis a Certified SOA Architect with 6 years of professional experience in IBM messaging technologies. At his current assignment, he works as a middleware consultant for various clients in North America. His core experiences  are in lab testing, performance tuning, and \\nLevel 3 development for both WebSphere Message Broker and WebSphere MQ products. Rahul has been a technical speaker for messaging-related topics at various WebSphere conferences and is a recognized inventor by the IBM innovation community.\\nJames B Herry  is a Senior Managing Consultant, cu rrently with IBM Software Services - \\nIndustry Solutions. He joined IBM in 2006 after working for 16 years as an application development professional, specializing in middleware integration. James graduated from Elon College in 1990 with a Bachelor\\'s degree in Computer Science. Since joining IBM, he has specialized in helping clients in the financial and health care industries integrate WebSphere Transformation Extender into their middleware solutions, both as a solution architect and as an integration consultant.\\nRichard Kinard  is the Product Manager for WebSphere DataPower Appliances. He is a \\nsubject matter expert in business-to-business (B2B) technologies and has over 12 years of experience designing, developing, and implementing B2B solutions. He has worked on many initiatives with Internet standar ds organizations to promote B2B interoperability and was a \\nSenior Product Manager of a successful B2B application prior to working for IBM.\\nGianluca Meloni  is a Technical Support Analyst for IBM Industry Solutions, B2B Commerce, \\nbased in Italy. He has 11 years of experience in the B2B integration field. He holds a degree in mathematics from the Univer sity of Cagliari. His areas of expertise include IBM Sterling \\nB2B Integrator, IBM Sterling File Gateway, IBM Sterling Connect:Direct and IBM Sterling Gentran:Server for UNIX. Origin ally from Sardinia, he is no w home-based in Sanremo with \\nhub office in Milan.\\nBala Sivasubramanian is an IBM Certified Senior IT Specialist for IBM US SWG - Industry \\nSolution Service, which focuses on Telecom, Media, and Entertainment. Previously, he \\nworked in the IBM US GBS Wireless Practice as  Senior IT Specialist and Integration Architect \\nfor the Tier 1 Service Providers in North America and has wide, international experience in the real world Telecom projects that involve complex integration solutions. His expertise \\nincludes a broad focus on the telecommunications industry. He has a deep knowledge of IBM tooling / product suite / Industry frameworks, IBM Telecom SDP & SPDE Framework, Parlay & TMF Standards, and OSS/BSS vend or product integration with IBM Web Sphere Middleware \\nProducts. He is the co-author for IBM Redbooks publications on the Telecommunication Industry Solution and is co-author for the IBM Certifications on the IBM Middleware and Tooling Products. He is also an IBM Certified Senior IT Specialist - Application Integration and Middleware and has 8+ IBM Product Certifications. Additionally, he holds a degree in Computer Science Engineering.\\nEduardo Ribeiro de Souza  is a Senior Solution Engineer and an architect to integration \\nsolutions such as Enterprise Application Integration (EAI), Business to Business Integration (B2Bi), Business Process Management (BPM),  Business Activity Monitoring (BAM), and \\ncomposite applications. He has more than 15 years of experience in developing and integrating enterprise applications across a variety of industries. He holds a Master’s degree in Production Engineering from Federal University of Santa Catarina, Brazil.  Preface xiFrank Strecker  is an Advisory IT Architect and Support Engineer in the European IBM \\nSterling B2B Integrator support team. Before joining IBM Industry Solutions support, he used to work as a WebSphere MQ and Message Broker Consultant in the German IBM Software Services for WebSphere team. After working hours, Frank teaches the Alexander Technique.\\nGang Yin  is a Product Developer in Sterling B2B China team, focusing on development and \\nL3 support of Sterling B2B cloud services. His areas of expertise include WebSphere ESB, WebSphere Message Broker, and WebSphere DataPower appliances.\\nThanks to the following people for their contributions to this project:\\nDave Bennin, Shari Deiana, Emma Jacobs, Stephen Smith\\nInternational Technical Support Organization, Raleigh Center\\nBobbi Burris, Rex Chan, Daniel Davis, Diane Defallo, Fritz Fahrenback, Charles Fenton, Bill \\nHines, Michael Hudson, Lorenz Jimenez, Scott Lewis, Dirk Maney, Jeff Matteo, George Middlebrook, Jeff Leach, Todd Margo, Mark Roper, Pamela TaylorIBM USA\\nKen Clark, David Hardcastle\\nIBM UK\\nAndrew Pang\\nIBM Canada\\nThe team also would like to thank Bandana Batra for providing valuable input on the book \\ncontent.\\nNow you can become a published author, too!\\nHere’s an opportunity to spotlight your skills, grow your  career, and become a published \\nauthor—all at the same time! Join an ITSO residency project and help write a book in your area of expertise, while honing your experience using leading-edge technologies. Y our efforts will help to increase product ac ceptance and customer satisf action, as you expand your \\nnetwork of technical contacts and relationships. Residencies run from two to six weeks in \\nlength, and you can participate either in person or as a remote resident working from your home base.\\nFind out more about the residency program, browse the residency index, and apply online at:\\nibm.com/redbooks/residencies.html xii End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsComments welcome\\nY our comments are important to us!\\nWe want our books to be as helpful as possible. Send us your comments about this book or \\nother IBM Redbooks publications in one of the following ways:\\n/SM590000Use the online Contact us  review Redbooks form found at:\\nibm.com/redbooks\\n/SM590000Send your comments in an email to:\\nredbooks@us.ibm.com\\n/SM590000Mail your comments to:\\nIBM Corporation, International Technical Support Organization\\nDept. HYTD Mail Station P0992455 South RoadPoughkeepsie, NY 12601-5400\\nStay connected to IBM Redbooks\\n/SM590000Find us on Facebook:\\nhttp://www.facebook.com/IBMRedbooks\\n/SM590000Follow us on Twitter:\\nhttp://twitter.com/ibmredbooks\\n/SM590000Look for us on LinkedIn:\\nhttp://www.linkedin.com/groups?home=&gid=2130806\\n/SM590000Explore new Redbooks publications, residencies, and workshops with the IBM Redbooks \\nweekly newsletter:\\nhttps://www.redbooks.ibm.com/Redbooks.nsf/subscribe?OpenForm\\n/SM590000Stay current on recent Redbooks publications with RSS Feeds:\\nhttp://www.redbooks.ibm.com/rss.html © Copyright IBM Corp. 2012. All rights reserved. 1Part 1Introducing the \\nproposed solution \\narchitecture\\nIn this part of the book, we introduce our proposed solution architecture for implementing \\nend-to-end integration in complex value chains. In Chapter 1, “Introduction” on page 3, we describe this architecture at a high level. In the rest of the chapters in this part, we delve into details of the components of this proposed solution architecture. Part 1 2 End-to-end Integration with IBM Sterling B2B Inte gration and Managed File Transfer Solutions © Copyright IBM Corp. 2012. All rights reserved. 3Chapter 1. Introduction\\nIn today’s business and technology environment,  it is likely that you deploy products from \\nmany different technology portfolios to meet the needs of your organization. It is also likely that you solve a multitude of business problems by making use of a multitude of technology offerings. You have probably thought about ho w you might best use t he capabilities of the \\nvarious products you have in place to more ef fectively integrate your business, while still \\nleveraging the investment in the effort and technology you have already made. This IBM® Redbooks® publication addresses this concern, as  it relates to products in the IBM Sterling \\nand products in the IBM WebSphere® portfolios. \\nThis publication provides a guide to end-to-end integration for organizations with these needs:\\n/SM590000Already have solutions deployed using both sets of products and want to more securely \\nand seamlessly integrate them together. \\n/SM590000Want to extend the capabilitie s of an existing solution t hat makes use of one of the \\naforementioned product portfolios by integrating it with the other.\\n/SM590000Have inherited technology solutions through a merger or an acquisition and want to \\nintegrate the inher ited capabilities with the existing functionality.\\nThe products used for the scenarios described in this publication are not all-inclusive, but they \\nprovide you with ideas for how you can build basic integration between the products. The scenarios are based on real-world situations and give examples of what is involved with \\nintegrating the products in a live deployment. As is the case with building and deploying any solution, it is important to un derstand the requiremen ts of the business and the capabilities of \\nthe available technology in order to provide the most cost effective and robust solution required to meet the goals of the business. \\nIt is not the goal of this publication to provide deep technical detail for every product or to \\nprovide the singular best solution for any specific scenario, but rather to provide insight on how integration using the products can be accomplished.\\nThis chapter introduces the content of this publication, the products that we use to \\ndemonstrate the capabilities of the software suites, the real world scenarios that we chose to \\ndemonstrate implementation of integration, and some alternative choices that you might want to make in your organization.1 4 End-to-end Integration with IBM Sterling B2B Inte gration and Managed File Transfer SolutionsThis chapter includes the following sections:\\n/SM5900001.1, “Scope” on page 5\\n/SM5900001.2, “How to use this book” on page 5\\n/SM5900001.3, “Products used” on page 5\\n/SM5900001.4, “Intended audience” on page 7\\n/SM5900001.5, “Conceptual architecture” on page 8\\n/SM5900001.5, “Conceptual architecture” on page 8\\n/SM5900001.7, “Overview of scenarios” on page 10\\n/SM5900001.8, “Lab environment” on page 10 Chapter 1. Introduction 51.1  Scope\\nBecause of the numerous possible points of integration between the products in the IBM \\nSterling and the IBM WebSphere portfolios, the scope of this publication excludes demonstrating integration between every possible product combination. Instead we provide examples, from which you can extend the concepts of integration to other product combinations.\\nWe assume that you are knowledgeable regarding the products discussed in this publication. \\nTherefore, installation, base configuration, and detailed instruction on the basic use of the products discussed in the scenarios are not provided. However, we do provide references to enable you to gain a dditional knowledge and skill for ea ch of the products we discuss.\\n1.2  How to use this book\\nThis publication is divided into two parts: \\n/SM590000Part 1, “Introducing the proposed solution architecture” on page 1 describes the \\nconceptual architecture and how to implement each of the high level components of the architecture using products from IBM Sterling and IBM WebSphere portfolios. Each component is discussed as to its purpose within the functional area of the architecture in which it resides. \\nIn addition to the products actually used to implement the various scenarios appearing in \\nthis book, products that might be candidates  to serve the same purpose are referenced. \\nThe products used in the scenarios discussed in this publication to demonstrate the integration capabilities ar e introduced in 1.8, “Lab  environment” on page 10.\\n/SM590000Part 2, “Scenarios based on the proposed solution architecture” on page 101 describes \\nfour scenarios that demonstrate ways to integrate IBM Sterling and the IBM WebSphere portfolio products. Each scenario implementation is discussed. Each implementation is executed using a diff erent combination of products and/o r product capab ilities from the \\navailable products in the IBM Sterling and WebSphere portfolios. \\n1.3  Products used\\n/SM590000IBM Sterling B2B Integrator V5.2.3:\\nA transaction engine and toolkit that allows  the user to define, create, implement, and \\nmanage process flows. These flows, in turn, allow for the processing, routing, translation, and storage of high volumes of inbound and outbound messages or files, and can also interact and integrate with both internal systems and external business partners. For more information, including the details of the supported protocols, see “Sterling B2B Integrator” on page 21. Y ou can also see the IBM Sterling B2B Integrator 5.2 Information Center at:\\nhttp://publib.boulder.ibm.com/infocenter/sb2bi/v5r2/index.jsp\\n/SM590000IBM Sterling File Gateway V2.2.3:\\nAn application that integrates  with, and extends, the ability of IBM Sterling B2B Integrator \\nto accept, manage, route, and process files from external partners, using multiple different protocols and formats. It can simplify the management of external partners and communities and can also assist  in seamless integration of internal and external systems. \\nFor more information, see “IBM Sterling File Gateway” on page 58. Another source of information is IBM Sterling File Gateway 2.0 Information Center which can be found at:\\nhttp://publib.boulder.ibm.com/infocenter/sfg/v2r0/index.jsp 6 End-to-end Integration with IBM Sterling B2B Inte gration and Managed File Transfer Solutions/SM590000IBM Sterling Connect:Direct® V4.6:\\nA peer-to-peer file-based integration middleware which provides secure delivery of \\nhigh-volume data within and between enterprises. It is optimized for high performance file transfer of any type of data (text, EDI, binary, digital content, image) across multiple platforms, several file systems, and many different media. A large number of industries throughout the world use it to move large volumes of data and for connecting to remote offices. For more information, see “IBM Sterling Connect:Direct” on page 62 or IBM \\nSterling Connect:Direct Product Overview  manual at:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/Common/CDO\\nverview.pdf\\n/SM590000IBM Sterling Secure Proxy V3.4:\\nAn application proxy between IBM Connect:Direct nodes or between a client application \\nand an IBM Sterling B2B Integrator server. It provides a high level of data protection between external connections and your internal network. It defines an inbound node definition for each trading partner connection from outside the company and an outbound node definition for every co mpany server to which SSP w ill connect. It supports the \\nfollowing protocols: C:D, PEsit, FTP , SFTP ( SSH-FTP), FTPS (FTP over SSL/TLS), HTTP , \\nHTTPS. For more information, see “Sterling Secure Proxy” on page 24, or see the following link:\\nhttp://publib.boulder.ibm.com/infocenter/ssp/v3r4/index.jsp\\n/SM590000IBM Sterling Control Center V5.3:\\nProvides centralized management, monitoring, and notification for IBM Sterling products. \\nFor more information, see “IBM Sterling Control Center” on page 67. Y ou can also see the following link:\\nhttp://publib.boulder.ibm.com/infocenter/sb2bi/v5r2/nav/6_5\\n/SM590000IBM WebSphere MQ V7.0.1:\\nMessaging backbone that provides powerful and reliable connectivity and assured delivery \\nof messages throughout the enterprise. For more information, see “WebSphere MQ” on page 30, or see:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/index.jsp\\n/SM590000IBM WebSphere Message Broker V8.0:\\nHigh volume integration hub that  delivers advanced enterprise  service bus capabilities on \\nthe WebSphere MQ backbone. For more information, see “WebSphere Message Broker” on page 74, or see:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/index.jsp\\n/SM590000IBM WebSphere Transformation Extender Design Studio V8.4:\\nUsed to develop the maps used to translate and transform data to the desired formats. For \\nmore information, see “WebSphere Transformation Extender Design Studio” on page 81, or see:\\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r4m0/index.jsp\\n/SM590000IBM WebSphere Transformation Extender for Integration Servers V8.4:\\nAllows execution of maps on a variety of hardware platforms by many software products. \\nFor more information, see “WebSphere Transformation Extender for Integration Servers” on page 87, or see:\\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r4m0/index.jsp Chapter 1. Introduction 7/SM590000IBM WebSphere Transformation Extender Industry Packs:\\nPrebuilt industry specific artifacts providing out of the box functionality and used to \\naccelerate map development. The packs used in the book scenarios are: \\n– EDI pack V2.8.0\\n– Healthcare pack V4.4.0\\nFor more information, see “WebSphere Transformation Extender Industry Packs” on \\npage 87, or see:\\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r4m0/index.jsp\\n/SM590000IBM WebSphere DataPower ® B2B Appliance XB62 v4.0.2.1:\\nThe XB62 is a B2B enabled security gateway that makes the services of one organization \\navailable to others in a controlled and secu red manner providing capabilities such as \\nconnection security, B2B Messaging, non-repudiation and partner profile management. Additionally, it utilizes the integration services  needed to make it easy to integrate to \\ninternal systems or directly to  applications. These services built on-top of the DataPower \\nappliance form factor adds integrated networ k functions decreasing the complexity and \\ndeployment footprint of the solution. For more information, see “WebSphere DataPower XB62 appliance” on page 25, or see:\\nhttp://publib.boulder.ibm.com/infocenter/ieduasst/v1r1m0/index.jsp?topic=/com.i\\nbm.iea.wdatapower/wdatapower/1.0/xb62.html\\n/SM590000IBM Sterling File Transfer Service:\\nAllows customers to manage a single, secure, and reliable connection to reach their \\nbusiness partners without the capital expense associated with on-premise software or the operational impact on IT staff. For more information, see “IBM Sterling File Transfer Service” on page 65, or see:\\nhttp://publib.boulder.ibm.com/infocenter/sb2bsvcs/v1r0/nav/13\\n/SM590000IBM Sterling B2B Collaboration Network:\\nActs as the communications link between cu stomers and their business partners, and \\noffers a growing list of on-demand application services. For more information, see “IBM Sterling B2B Collaboration Network” on page 66, or see:\\nhttp://publib.boulder.ibm.com/infocenter/sb2bsvcs/v1r0/nav/0\\n/SM590000IBM Sterling Web Forms:\\nA customizable website operated by IBM that helps customers to integrate smaller trading \\npartners who do not have EDI capabilities. For more information, see “IBM Sterling Web \\nForms” on page 67, or see:\\nhttp://publib.boulder.ibm.com/infocenter/sb2bsvcs/v1r0/nav/9\\n1.4  Intended audience\\nThis publication is intended for anyone who want s to gain insight into integrating solutions that \\nuse IBM Sterling and the IBM WebSphere portfolios. \\nFor example:\\n/SM590000Y ou might be interested in building a new solution to meet the needs of your organization \\nand want to make use of the most powerful features of both the IBM Sterling and the IBM WebSphere portfolios. 8 End-to-end Integration with IBM Sterling B2B Inte gration and Managed File Transfer Solutions/SM590000Y ou might be involved in an acquisition or merger situation, or looking to integrate the \\ncapabilities across soluti ons that already exist. \\n/SM590000Y ou might want to eliminate redundancy of solutions across your company by integrating \\nthe best of the solutions that have already been built within different departments within your company, and these solutions make use of both technology portfolios.\\nIf any of these situations describes your expectations, or if you are just interested in the \\ncapabilities of one or th e other of these technology suites, and already use the other, you can \\nbenefit from this publication.\\n1.5  Conceptual architecture\\nFigure 1-1 shows the conceptual architecture (a lso referred as the solution architecture \\nthroughout the book) used to define each of the scenarios in this publication.\\nFigure 1-1   Conceptual architectureConceptual Architecture \\nMessage/File\\nAuthorization\\nand\\nValidationApp\\n1\\nDBs1 - nApp\\n2\\nApps\\n3 - n  Message/File\\nRemediation\\nRouting\\nTranslation\\nand\\nTransformationPerimeter\\nSecurity\\nand\\nAuthenticationDMZEnterprise Secure Zone\\nT\\nR\\nA\\nD\\nI\\nNG\\nP\\nAR\\nT\\nN\\nE\\nR\\nSA\\nB\\nS\\nT\\nRA\\nC\\nT\\nI\\nO\\nNPartner\\nIntegration\\n ZoneEnterprise\\nService\\nBusTarget\\nZone Chapter 1. Introduction 9The chosen architecture enforces message security into the organization through the DMZ. \\nThen, inside the organization, trading partner management occurs in the Partner Integration Zone. In this zone, the solution validates the file or message type against the trading partner to determine if the trading partner is authorized to send this type of information, performs validation of format, and responds with the proper acknowledgement. \\nAfter the payload is determined to be an authorized file or message, it is handed off to the \\nEnterprise Service Bus to be transformed and routed to the targeted destination. Details of what occurs in each functional area of the conceptual architecture are discussed in Part 1, “Introducing the proposed solution architecture” on page 1 of this book.\\n1.6  Business benefits\\nThe solution architecture shown in Figure 1-1 streamlines end-to-end business processes through the ability to automate the complete process. “Real world” business processes are \\ntypically “end-to-end,” involvi ng both internal employees and  systems and external people \\nand systems. The ability to st reamline end-to-end business pr ocesses reduces operational \\ncosts through automation, improves process quality (again through automation and repeatable process models) , and offers the possibility of stra tegic business transformation. In \\na sense, the solution architecture is a foundation enabler for IBM Smarter Commerce™.\\nThe solution architecture helps organizations gain a reputation of being “easy to do business \\nwith” through a flexible business integration architecture. The IBM solution architecture enables external entities to interact with a “hub” organization in virtually any style of integration, whether file-based, messaged-based, or service-based. The solution architecture supports direct partner interactions through software or mediated interactions through IBM B2B Services. This enables a hub organization to optimize its value chain and be more agile. It can respond more quic kly to changing business conditions and is more resilient to supply \\nchain disruptions.\\nThe flexibility inherent in the solution architecture also facilitates business services \\ninnovation. It enables organizations to accelerate the deployment of new business services, exposed through MFT interfaces, traditional B2B document-oriented interfaces, or more progressive real-time Web Services. It can have widespread business benefits through:\\n/SM590000Faster time-to-value for new electronic business services.\\n/SM590000Expanding the accessible market for a service globally.\\n/SM590000Enabling an organization to ta rget a different size customer  segment, for example, ability \\n(perhaps) to target the SMB world for the first time. \\nThe solution architecture, because its a general framework that can be deployed as a \\ncorporate standard, enab les reduced complexity and enhanced  IT agility. It offers a defined \\nframework for external entity interaction, enabling the strategic concept of “single view of partner” (external entity), thus reducing perceived external interface complexity for the hub organization and increasing the quality of external entity interactions.DataPower XB62:  This architecture is slightly different when using the DataPower XB62 \\nAppliance. In this scenario, the DataPowe r XB62 Appliance sits in the DMZ and moves \\nB2B Security out to the edge of the network and rejects unwanted connections and partners before they get into the secured network. So when using DataPower XB62, partner management happens in the DMZ, eliminating the need for the Partner Integration Zone. 10 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsLarge enterprises typically have multiple systems (perceived as multiple “points of entry” by \\nthe external entity) used to interact with external entities. The solution architecture enables B2B architecture consolidation. It is a strategic IT cost containment initiative but also a strategic business quality improvement initiative.\\nThe solution architecture helps organizations conform to modern information security \\nmandates, which are increasingly stringent and vary geographically, by industry and even by process. The benefit here is to be able to satisfy the requirements of internal security audits as well as security expectations of external entities and governing bodies. The solution implements a robust “edge securi ty” capability, which facilitates both secure and scalable B2B \\ninteractions, and whic h provides important value-add DMZ capabilit ies beyond traditional \\n“proxy” servers.\\nBecause the solution architecture offers a strategic approach to end-to-end integration, it thus \\nprovides a sound go-forward foundation for Smarter Commerce: the classic “invest \\nstrategically, implement tactically” kind of concept. The solution architecture is extensible. It can be widely applied and widely used to leverage existing infrastructure. The solution architecture facilitates both bat ch and real-time orient ed B2B integration. As such, it enables \\nthe organization to optimize their approach to evolving traditional batch oriented processes to near real-time interactio ns. Thus, it facilitates the evolutio n toward the true digital business.\\n1.7  Overview of scenarios\\nThe scenarios cover a subset of real world deployments that can be implemented using \\nproducts from IBM Sterling and IBM WebSphere portfolios. The solutions to the scenarios are based on our experience deploying our products in the industries covered in the scenarios, and are based on the expertise gained using the products selected. The scenarios demonstrate how to integrate between the produc ts we use to solve a specific business need. \\nThese configurations fulfill busi ness requirements, IT constraint s, and other external factors \\nof each specific scenario. \\nKeep in mind that the configurations used in the scenarios are not your only option. We chose \\nthe implementation details we used to demonstrate how to integrate these specific products, yet still meet the requirements of the business. We also provide inform ation about alternative \\nconfigurations, that also meet the requirements of the various scenarios. The scenarios we chose to implement in this publication are based on use cases from the following industries:\\n/SM590000Health insurance\\n/SM590000Financial\\n/SM590000Supply Chain\\nWe also chose to show scenarios making use of cloud services.\\n1.8  Lab environment\\nThis section describes the lab environment used to implement the scenarios in Part 2 of this \\nbook. Host names as well as the operating system and release level or firmware release level are given for each host. The software stack installed on each host is also provided.  Chapter 1. Introduction 11All Windows systems have the following configuration: \\n/SM590000Lenovo M57p (machine type 9196)\\n/SM590000Intel Core 2 Duo processor\\n/SM5900008G RAM\\n/SM590000Gigabit ethernet\\n/SM590000Windows 2008 or Windows 7 64 bit\\nSee Table 1-1 for details. \\nTable 1-1   Lab environment\\nHost name Operating system/ \\nfirmware levelInstalled products/appl iances Scenario where \\nused\\nesb01.itso.ibm.com Windows 7 IBM WebSphere MQ V7.0.1\\nIBM WebSphere Message Broker V8.0\\nIBM WebSphere Transformation Extender V8.4 Chapter 7, \\n“Supply Chain \\nscenario using \\nAS2 and EDI” on page 261\\nesb02.itso.ibm.com Windows 7 IBM WebSphere MQ V7.0.1\\nIBM WebSphere Message Broker V8.0\\nIBM WebSphere Transformation Extender V8.4 Chapter 5, \\n“Health \\nInsurance \\nscenario” on page 103\\ncc01.itso.ibm.com Windows 7 IBM WebSphere Transformation Extender V8.4 \\nIBM Sterling Connect Direct V4.6\\nIBM Sterling Control Center V5.3Chapter 6, \\n“Financial \\nServices \\nscenario” on page 177\\nssp01.itso.ibm.com Windows 7 IBM Sterling Secure Proxy V3.4 Chapter 5, \\n“Health \\nInsurance \\nscenario” on page 103\\nb2b01.itso.ibm.com Windows 200 8 IBM WebSphere MQ V7.0.1\\nIBM Sterling B2B Integrator V5.2.3\\nIBM Sterling File Gateway V2.2.3\\nIBM Transformation Extender V8.4(connected to the Internet)Chapter 5, \\n“Health \\nInsurance \\nscenario” on page 103 \\nb2b02.itso.ibm.com Windows 200 8 IBM WebSphere MQ V7.0.1\\nIBM WebSphere Message Broker V8.0\\nIBM WebSphere Transformation Extender V8.4\\nIBM Sterling Connect Direct V4.6IBM Sterling B2B Integrator V5.2.3\\nIBM Sterling File Gateway V2.2.3Chapter 6, \\n“Financial \\nServices \\nscenario” on page 177\\nDataPower \\n9005/7199 \\nApplianceDataPower Firmware \\nV4.0.2.1IBM WebSphere DataPower B2B Appliance XB62 Chapter 7, \\n“Supply Chain \\nscenario using \\nAS2 and EDI” on \\npage 261 12 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions © Copyright IBM Corp. 2012. All rights reserved. 13Chapter 2. Enabling seamless and secure \\nintegration inside and outside of \\nthe enterprise\\nThis chapter discusses integration inside and outside of the enterprise: the cooperation with \\nexternal partners as customers and suppliers and the internal cooperation across the enterprise. Because internal and external integration require different approaches, we discuss both kinds of integr ation in distinct sections:\\n/SM590000External integration, which must be as secure as needed\\n/SM590000Internal integration, which must be as seamless as helpful\\nStarting from the conceptual architecture ex posed in 1.5, “Conceptual architecture” on \\npage 8, we discuss how the enterprise can establish safe connections to the outer world through a well equipped perimeter network. We do not discuss the construction of a DMZ in depth. But we do discuss the equipment needed there to establish safe partner operations through protocol termination and the implementati on of the “Don’t call us, we’ll call you” \\nprinciple between trusted zone and perimeter. \\nIn this chapter, we show how gateways can help to isolate the internals from the partner \\ncommunication. We show how good architecture  and implementation guidelines can help to \\nprohibit the proliferation of partner specific details into the entire enterprise. We also discuss the integration of the entire enterprise through hub or bus structures.\\nA preliminary section is included to help you cons ider general requirements and design forces \\nin terms of IT integration and B2B. You can skip this section if  you are familiar with the field, \\nor you can read it to enjoy the high level discussion of principles based on a model of vintage integration by punchcards. \\nThis chapter includes the following sections:\\n/SM5900002.1, “What are the business requirements?” on page 14\\n/SM5900002.2, “Secure cooperation with business partners” on page 17\\n/SM5900002.3, “Seamless integration inside the enterprise” on page 292 14 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions2.1  What are the business requirements?\\nWhat a business requires exactly in terms of internal and external integration is always based \\non the kind of business being done. Requirements depend (among others) on the following factors:\\n/SM590000Size of the enterprise\\n/SM590000Tools and skills available\\n/SM590000Tactical or strategic attitude\\nWe consider some architectural aspects, such as extensibility, scalab ility, changeability, and \\nresilience of designs, before we discuss the technical instrumentati on of the design with \\nparticular products. We discuss these aspects and others, starting from a simple model, that helps to recapture basics and un derstand issues still relevant in  today’s integration concerns.\\n2.1.1  Basic concepts and desi gn forces: A gentle introduction\\nImagine a model of vintage integration, as shown in Figure 2-1, as it used to be common in \\nthe Seventies or Eighties: two cooperating enterprises share information about catalog data. Enterprise A, a wholesaler, send s updates to stock item catal og to Enterprise B (which is \\nbuying from A) overnight by exchanging batches of punchcards or tapes. Inside both of the \\nenterprises, the operators simply used single sets of data in shared databases. \\nFigure 2-1   Introductory sample of vintage internal and external integration\\nThe vintage integration model\\nThe vintage model shows the systems connected by using the following process:\\n1. The sender produces punchcards by encoding the content of their system according to the \\ncode and protocol agreed to by the receiving end.\\nITSO Vintage Company A\\n ITSO Vintage Company B\\nTransport\\n Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 152. The sender packs and seals punchcards into a labeled and locked container and passes \\nthe container to the intermediary; for example, a courier.\\n3. The intermediary courier transports the container and delivers to the receiver as labelled.\\n4. The receiver unlocks and unseals container, and unpacks the cards from the container.\\n5. The receiver reads the cards by translating the cards into their systems.\\nWhile the basic concept is still the same, the media has changed. The content is now \\nencoded, locked into containers for transport, transported, received, unlocked, decoded, and read. \\nChoosing encoding and prot ocol: Standards, skills, tools\\nIn the early days, enterprises had to negotiate the formats and proprietary protocols they \\nwanted to use by themselves. It proved to be costly, too expansive for single enterprises, and time consuming. As a result, standards emerged for both inside and outside communication. In 1975, the Transportation Data Committee in the American National Standards Institute (ANSI) published a first standard that led to ANSI ASC X12 EDI in 1979. See the following website for details:\\nhttp://www.x12.org/x12org/about/X12History.cfm\\nSince the EDI standards have been in place for more than thirty years now, we have a lot of \\nstandards today. Standards from all the four major eras of evolution in B2B communication now occur in the field. See Chapter 7 in the PDF file at the following website for details:\\nhttp://www.redbooks.ibm.com/abstracts/sg247745.html\\nWhile many standards began as reference models for individual programming in the \\nenterprises, it proved to be too expansive for single enterprises to catch up with the development of these standards. Enterprises need to catch up with new emerging standards and have to keep old standards alive as long as there is a single partner or internal system \\nleft that has to use it. \\nThus, most enterprises make use of tools that help them to do this task. The toolmaking \\ncompany ensures that they keep pace with the standards, while the user can spend more attention on their business. \\nY ou might notice that the same pattern that occurred on the level of individual protocols and \\non the level of standards might also become relevant for tools. If too many different tools are used, it might get hard for an  enterprise to have all of the skills at hand when needed.\\nSecurity and non-repudiation\\nPunch cards or tapes used to be packed and sealed, and put into steel-boxes for transport. \\nAfter transport, the receiver first checked the seal of the box, and then opened it. The cards received did not go directly to the card reader but were reviewed to ensure that they contained the correct category of data; for instance, only data records and no programs. After reading, the punch cards were kept as proof for later audits. \\nWe rarely use physical media today, but commun icate online. So the seals, locks, and audits \\nmust provide a virtual interpretation of the transport:\\n/SM590000Encryption and decryption of online content locks it from being read by unauthorized \\npeople.\\n/SM590000Digital signatures prove authenticity, that th e content is not being changed or counterfeit, \\nsuch as a physical seal.\\n/SM590000Storing the entire communication with signature serves as proof. 16 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsBecause these security measures add a certain overhead to the communication, they must \\nonly be used when necessary, but never forgotten when needed. In many situations, it is required by law.\\nLayers \\nAs an analogy, a courier driver would bring the data to the train station and hand it to the train chief for express expedition. None of the intermediary transporters had to care about the contents of the box. Their only task was to bring it to the labelled target address. Further, if the train car was shipped by ferry, the seamen would not care about the contents of the train, only about getting it to the other side. \\nToday, we might see situations where six or more protocols layers are wrapped over each \\nother, much like a set of Russian stacking dolls. Each level needs appropriate tools to encode, decode, and wrap acco rding to the rules expected. A familiar example would be a \\nSOAP-Web service over HTTPS over TCP/IP , or sending files as MQ messages. \\nTo the outside of the enterprise, the choice of transport depends on how your external trading \\npartners are reached, and what both partners are willing to inve st into the pa rtnership. The \\nmore flexible you are in your IT connectivity, the more choices your business has to choose \\npartners for reasons other than only being in reach. \\nInside the enterprise, the decision is up to the enterprise itself. Standardization would be a \\ngood approach, because the more ways you use to connect, the higher the costs are. The fewer different networks and protocols you maintain internally, the cheaper it is for you to do the work. \\nReliability and transaction security\\nIn the vintage model, the operators at the sending end notified the receiving about the number of punchcards or records to be transferred. The receiving end checked the card reader for completeness of the transaction. The operators took care that all cards were read “exactly once, and only once”. If necessary, they repunched damaged cards or rejected the whole batch. \\nWhen we consider current inte gration technology, we ask for the degree of reliability and \\ntransactional safety the technology offers. Beca use this reliability has its costs in terms of \\nlatency and resource  consumption, we have to decide w here a high degree of reliability is \\nnecessary and, conversely, where a low degree can be used when a simpler solution is sufficient. \\nTimeliness of delivery \\nThe partners in the vintage integration model synchronized their data every night. This form of cooperation still exists today as a nightly exch ange of large files, suitable for instance to \\nbootstrap master file data. The masterfile data is characterized by the fact that changes are rare. The enterprises often define the time when master data can change. \\nFile based integration  is well known and straighforward to understand, but not the fastest \\noption. Reliability can be a problem, when unma naged file based protoc ols such as FTP or \\nSFTP are used. Protocols with less overhead, such as remote procedure call or messaging \\nprotocols, are more suitable. \\nToday there are many cases where it is vital to keep the synchronization gap as short as \\npossible; for example, when propagating stock exchange data. In these times of online brokerage, getting the stock rate from last night is not helpful. It is the type of data that needs the shortest synchronization gap possible to get the latest rate.  Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 17The following questions need to be asked: \\n/SM590000How often must the systems communicate?\\n/SM590000How large are the chunks of information exchanged? \\n/SM590000Are users or systems waiting until their partner system has processed the request? \\nConcerning timeliness, we need to distinguish these parameters:\\n/SM590000Real time\\n/SM590000Near real-time\\n/SM590000Bulk and batch\\n/SM590000Store and forward\\n/SM590000Resend\\nLoose coupling: Th e need to separate \\nIn the vintage model, the companies used single monolithic systems. Inside the enterprise, all \\nusers were working on the same database for all purposes. With growing requirements, this eventually led to severe problems and the systems became unmanageable. After recognizing that issues emerged from too much concentrati on of logic and data, as happens so often in \\nhistory, just the opposite effect resulted; logic and data were distributed all over the enterprise. Today, we can learn from both eras, that too much or too little integration can both cause trouble. \\nWhen discussing integration, it is important to keep in mind cooperation of distinct systems in \\na way that they cooperate seamlessly only in a certain aspect, while staying as independent as possible. These smaller systems are more resilient to change and easier to maintain than the larger systems, because decoupling increa ses the flexibility. De coupling is a major \\nsystem design consideration to be kept in mind, particularly for internal communication. \\nShared databases  guarantee timeliness, but are problematic in terms of security and tight \\ncoupling systems through the use of a common data definition. Remote procedure  call is also \\nproblematic, unless the coupling is loosened by a intermediate layers, as with Web services.\\nThe coupling is always tight when systems comm unicate directly with each other, because \\nthey need to understand a common data format then. Intermediates such as integration hubs and brokers help to connect systems in a way that they remain loosely coupled in that sense. \\nLoose coupling is most relevant when the speed of change in an enterprise is very high.\\n2.1.2  Conclusion\\nThe basic principles might have changed less then expected, but there are some major \\ndifferences today compared to the beginnings of electronic data interchange: \\n/SM590000Agility\\n/SM590000Scale \\n/SM590000Exposure\\nToday, we need to be very flexible and very fast, and we have to address integration tasks that \\nare far beyond what IT specialists in the past might have imagined. And, with the advent of Internet connectivity, we are much more exposed to the risk of attacks. \\n2.2  Secure cooperation with business partners\\nThe use of the term cooperation  instead of integration  emphasizes the obvious difference \\nbetween external and internal communication. Between enterprises, there must be well defined borderlines to be compliant with both company\\'s security requirements as well as with any legal mandates that each company must follow. 18 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsSecurity in B2B cooperation has the following meanings:\\n/SM590000Data security : Data is kept safe from being read or changed by unauthorized accesses.\\n/SM590000Authentication of partners and messages : Provide access only to designated parties.\\n/SM590000Authorization : Grant access to only the resources allowed to be used by the partner.\\n/SM590000Non repudiation : Provide proof of data origination and receipt.\\n/SM590000Threat protection : Protect against the many external attacks that communicating over a \\npublic network can present; for example, Denial  of Service, malicious content, and so on. \\nAs described in 1.5, “Conceptual architecture” on page 8, we suggest connecting to partners \\nthrough a combination of technical security and functional isolation:\\n/SM590000The technical security function of a perimeter network (DMZ) compares to the function of a \\nguarded door. Those who want to enter can present their entry credentials, the doorman screens them for obvious security threats, but they do not do their business with the doorman. \\n/SM590000The gateway function is located at a place comparable to a counter behind the guarded \\ndoor, where the actual business exchange takes place. Besides the security aspects that it obviously has, it separates the concerns and spheres of the business partners. Externals \\nare neither entitled nor capable of interacting directly with back office functions. At the counter, they meet front office representatives, who know the external business as well as the internal and mediates for the back offices. \\nProducts such as IBM WebSphere DataPower can provide both the perimeter security and \\ngateway functions in a single device. It is due to the nature of an appliance form factor; most software solutions must distribute each function to remain secure. \\n2.2.1  Technical security function\\nIn information security, the demilitarized zone (DMZ) or network perimeter is a small network \\nsituated between a trusted network and an untrusted one, usually between the LAN and the Internet. The function of a DMZ is to keep all services that have external access (such as HTTP , FTP , mail, and so on) separated from the local network, thus limiting the potential damage in case of compromise of any of these services by an attacker. To achieve this goal, the computers present in a DMZ must not contain any form of local network access.\\nThis configuration is accomplished through the use of equipment in the firewall, which make \\nthe control of access between the local network, the Internet, and the DMZ (or in one generic model, between the two networks to be separated and the DMZ). The equipment in the DMZ can be a dedicated switch or a shared network switch, but in the latter case, it must be set up in separate virtual networks (VLANs) within the equipment.\\nDMZ systems\\nThe system inside of the DMZ has the ability to connect to external partners using a wide \\nrange of standard and non-standard connecti on protocols. The protocols used can vary, \\ndepending on the technologies used in DMZ. Those systems in the DMZ are used as intermediaries for requests from clients. They act as proxies forwarding the requests or files to and from servers inside of the protected network zone. In many cases, they terminate the external connection and perform bridging betwe en protocols on the front-side to protocol on \\nthe back-side. \\nThe DMZ is also called a \\nperimeter  network. Like a perimeter, it allows you to be in contact \\nwith the outside, without being seen as a whole. You can also compare the perimeter zone to the manual process in the vintage model, as discussed in “Security and non-repudiation” on page 15. Any communication, such as incoming cards, are reviewed before they are read to the card reader and are allowed to change data in the core.  Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 19Requirements for DMZ systems\\nSystems exposed in the DMZ typically include these requirements:\\n/SM590000No files ought to be at rest in the DMZ unless they are encrypted.\\n/SM590000If connections are needed from systems in the DMZ to systems in the secured network, \\nlock the inner firewall to only allow data to be passed from the DMZ system\\'s IP and Port.\\n/SM590000Isolate internal and external connections on separate Ethernet adapters.\\n/SM590000Use IP filtering at the outer firewall to only accept data from known IP addresses.\\n/SM590000Perform session breaks and protocol termination in the DMZ.\\n/SM590000Key management; keep public keys of partners and your own private keys secure.\\n2.2.2  Gateway function\\nThe gateway does what a front desk does in a shop organization. The gateway function is \\nenabling the isolation of partner data from its own data. It assures a single view to the partner from the inside, much as the enterprise service bus assures a single view to the inside for partners and internal participants. Figure 2-2 shows this function.\\nFigure 2-2   Gateway interaction pattern Security:  IBM Sterling has the ability to provide ad ded security by using software that \\nlimits the need to open holes through the inner firewall. Sterling Perimeter Services establishes outward-in connectively from within the secured network to the DMZ.\\n 20 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsStopping proliferation of partner logic into the internal network\\nBusiness agility is the flexibility to add customer s at a fast pace and change suppliers when \\nthe business needs it, not when the informat ion technology is finally available. A major \\nprecondition to becoming agile is to define a place where all particular things about single \\ncustomers or partners are handled. The gateway is the place designed for that task. \\nA single view of the partner\\nWhat does it mean when we say that a gateway maintains a single view of the partner regardless of its particularities? It means that we use an abstraction. We do not consider them as single partners, whether they are customer or supplier, but classify them into categories. The particularities are hidden under a single enterprise-wide facade. We do much the same when we define service abstraction in the internal network. \\nHow service abstraction is done\\nThe abstraction of different partner applications into a limited set of services happens on different levels:\\n1. Identify and assign: Identifying your abstract services candidates and assigning particular \\nimplementations of your partners to the internal service\\n2. Convert technically: Conversions of transport protocols and encoding\\n3. Translate semantics: Translations of field names and values\\nThe first step only happens when you begin to work in a service oriented manner, and when \\nnew business fields are added. A simple example of this step is to abstract the ordering of goods from various suppliers into a single service definition. In the rare case, all of your suppliers would use the same EDI standards, but different transport protocols, you would only need to do technical conversions. In most cases, semantic translations are necessary. \\nNon repudiation\\nNon repudiation has been discussed in the context of security aspects. This term refers to the archiving of information for the purpose of proofing the contents and time of a certain communication. That can be necessary in the result a dispute; for example, when a customer denies an order because they do not want to pay for goods you have delivered. In such cases, you are challenged to show proof of the order. \\nTechnically, a widely used form of non repudiation proof is to save a copy (a hash) of the \\nincoming message with the message digest that is generated with the private key of the sender. Because the private key is only known to the sender, and the hash (message digest) is a unique product of exactly the message to be proofed, it is a suitable method.\\n2.2.3  Technology choices\\nThe technology choices for the perimeter network and gateway are shown in Table 2-1.\\nTable 2-1   Technology choicesTip: Prepare for future changes in your partner service definitions. Include explicit version \\nnumbers in your service definitions. \\nSterling B2B \\nIntegratorSterling Secure \\nProxyWebSphere \\nDataPower XB62\\nDMZ component Perimeter server proxy \\nonlyProxy Hardware appliance Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 21The products mentioned Table 2-1 on page 20 are introduced in depth in the following \\nsections.\\nSterling B2B Integrator\\nIBM Sterling B2B Integrator offers perimeter security, gateway, and transformation engine in one product. It automates business processes shared with trading partners. The goal is automation of the complete “buy-sell-ship-pay” process that involves a range of documents and business processes, which include not just the buyer or seller of the goods/services, but also banks and third party logistics companies. The solution automates these processes and provides visibility into data and processes shared  with external entities.\\nSterling B2B Integration can address the following issues:\\n/SM590000Manual paper based processes\\n/SM590000Lack of visibility\\n/SM590000Limited internal resources\\n/SM590000Inefficient partner onboarding\\nCapabilities of Sterling B2B Integrator include the following features:\\n/SM590000Security features:\\n– Identity management, including authorization and authentication\\n– Perimeter security at DMZ traversal– Role-based data access and system operation– Secured mailboxing repositoryTrusted network \\ncomponentConfiguration, \\nmapping, translation, and so on. (See \\n“Sterling B2B \\nIntegrator” on page 21)Configuration \\nManagerConnect from a thin \\nclient for configuration. The XB62 typically sits \\nin the DMZ and has no \\nrequirement for \\nanything in the trusted \\nzone; it can integrate directly to the internal \\nESB or application. \\nProtocols and \\nstandards supportedWide range Selected Wide range. The only \\nthing Sterling B2B \\nIntegrator has that XB62 does not have is \\nConnect:Direct \\nprotocol.\\nPartner profiles Yes No Yes\\nStrength versatility and \\nscalabilityadds extra perimeter \\nsecurityLow leniency, highly \\nsecure, ease of install, \\nease of maintenance\\nPartner Self service Password \\nmanagementPartner transaction \\nvisibility and resend capabilities\\nCryptographic \\naccelerationHardware based \\naccelerationSterling B2B \\nIntegratorSterling Secure \\nProxyWebSphere \\nDataPower XB62 22 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions– Data transport security (SSL, SFTP/SSH) and data encryption (S/MIME and PGP) \\nsupport\\n– Non repudiation using the AS2 (Applic ability Statement 2)  or AS3 protocol\\n– Digital signature support– Message- and transport-level security based on WS-Security 1.0 compliance, including \\nWS-I Basic Profile 1.1 and Basic Security Profile 1.0\\n/SM590000Communication features:\\n– B2B communication protocols: Web services (SOAP), S/FTP/S client and server, \\nHTTP and HTTP/S, SMTP (Simple Mail Transfer Protocol), AS1, AS2, AS3 and RosettaNet, WebDAV, Zengin TCP/IP , IBM St erling Connect:Direct, EBICS (Electronic \\nBanking Internet Communication Standard)\\n– Policy-based file transfer– Multi-gigabyte file handling– IPv6 compatible\\n/SM590000Business process management:\\n– Graphical process modeling tool\\n– Business process execution engine– Process abstraction (layered modeling and component reuse)\\n/SM590000Integration and transformation:\\n– Multi-purpose data transformation engine\\n– Traditional EDI: X12, EDIFACT, CII, TRADACOMS, and Verband der \\nAutomobilindustrie (VDA)\\n– XML standards: OAGi, CIDX, PIDX, and RosettaNet– Internet standards for B2B data exchange: RosettaNet RNIF , ebXML, 1SYNC, and \\nEBICS (France)\\n– XSLT service to transform XML documents– Supports WTX translations– Graphic data mapping tool– Virtually unlimited file size (up to 50 gigabytes)– Validation of inbound and outbound data based on HIPAA rules defined for Level 1 – \\nLevel 6\\n– Intelligent (cont ent-based) routing\\n– Interoperable with .Net 1.1/2.0, Axis 1.x/2.0, Xfire 1.2.6 and Java EES\\n/SM590000Community management:\\n– Manage and grow trading partner communities\\n– Centralized visibility into trading partner communities\\n– Reduce error rates– Digital certificates deployment– Customizable partner configuration– Intelligent onboard ing with partner self-provisioning \\n/SM590000Application extension and customization:\\n– Web services: Support for SOAP , WDSL\\n– Integrated Development Environment (IDE): Tool to speed custom app/dev work– Software Development Kit (SDK): Toolkit to create your own adapters to systems\\n/SM590000More than 300 comprehensive connectivity adapters:\\n– Enterprise applications:\\nSAP (BAPI, IDOC, and Netweaver), Oracle, Manu gistics, PeopleSoft, Siebel, Vantive, \\nJD Edwards, I2, IBM Sterling Connect:Direct, IBM Sterling Connect:Enterprise™, IBM Sterling Gentran:Server®, GXS, IBM Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 23– EAI messaging platforms\\n– IBM WebSphere MQ, Oracle AQ, BEA Tuxedo, TIBCO Rendezvous, Vitria \\nBusinessware, WebMethods Enterprise, Microsoft MSMQ, JMS Queue and Topic Technology, JDBC, CORBA, LDAP , command line, file system, EJB, RMI, SNMP trap, IBM CICS®, JCA CCI, SSO, JSA, IM (Instant Messaging)\\n/SM590000Monitoring:\\n– Monitoring with alerts for Sterling Integrator™ resources, including system status, \\ndatabase growth, and average business wait time\\n– Running or restarting any failed or halted business process– Initiating key functions such as managing lock resolution for users and resources, \\ninitiating thread/ heap dumps, and turning logging on and off\\nSterling File Gateway\\nSterling File Gateway is an application for transferring files between partners using different protocols, file naming conventions, and file formats. It moves large and high-volume file transfers, with end-to-end visibility of file movement, in a process-oriented and \\nhighly-scalable framework. It also alleviates file  transfer challenges, such as protocol and file \\nbrokering, automation, and data security.\\nSterling File Gateway supports integration with Sterling B2B Integrator Mailbox, Sterling \\nControl Center, Sterling Connect:Enterprise for UNIX server products, Sterling Secure Proxy and Sterling Connect:Direct. Sterling File Gateway is an add-on to the Sterling B2B Integrator platform with a unique application URL that provides single sign-on access to the Sterling B2B Integrator administrative console through menu selection.\\nSterling File Gateway allows organizations to ta ke complete control over file transfers with \\ntrading partners. Built on Sterling B2B Integrator, Sterling File Gateway offers a scalable architecture and a centralized file gateway with the capabilities nece ssary to monitor, \\nadminister, route, and transform high volumes of inbound and outbound files.\\nWith Sterling File Gateway, the benefits of a standardized file transfer approach extend \\nbeyond the reliable and secure transmission of files with trading partners. A centralized gateway enables the consolidatio n of disparate file transfer activity. Intellig ent routing and \\ncontent-driven transformation  capabilities help optimize file delivery processes. \\nSubsequently, IT staff and users become more efficient, and platform consolidation helps reduce total cost of ownership.\\nHow Sterling B2B Integrator and St erling File Gateway work together\\nWithin Sterling File Gateway, Sterling B2B Integrator is known as the B2B Console and is \\naccessed from the Tools menu. Administrative functions, such as creating and managing user accounts, permission groups, and security keys for Sterling File Gateway, are handled in Sterling B2B Integrator.\\nSterling File Gateway uses the following Sterling B2B Integrator communication adapters:\\n/SM590000 FTP Server\\n/SM590000 FTP Client\\n/SM590000 SFTP Server\\n/SM590000 SFTP Client\\n/SM590000 HTTP Server\\n/SM590000 HTTP Client\\n/SM590000 Connect:Direct server\\n/SM590000 Command Line adapter 2 (for PGP) 24 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsSterling Secure Proxy \\nIn the scenarios in this book, Sterling Secure Proxy acts as an application proxy between the \\nexternal partners and the Sterling File Gateway server. It provides a high level of data protection between the external connections and an internal network. It allows the organizations to create firewall rules in order to prevent trading partners from obtaining direct access to their inter nal backend systems.\\nSterling Secure Proxy is an application proxy that secures and shields your trusted network \\nfrom external attacks by preventing direct communications between trading partners and internal servers. Sterling Secure Proxy provides demilitarized zone-based (DMZ) authentication, session breaks, and SSL terminations prior to allowing communications with the trusted network. It allows you to protect your trusted zone from unauthorized access by enforcing even tighter controls with multifactor authentication.\\nCapabilities of Sterling Secure Pr oxy include the following features:\\n/SM590000Application proxy:\\n– Resides in the demilitarized zone (DMZ ) and supports multip le DMZ environments\\n– Meets customer requirements for all-electronic data transfer– Supports FTP , FTPS, HTTP , HTTPS, SSH/SFTP , PeSIT, and Connect:Direct protocols– Supports IBM Sterling Connect:Direct, IBM Sterling Connect Express and IBM Sterling \\nB2B Integrator servers\\n/SM590000Firewall navigation:\\n– Prevents inbound holes in the firewall\\n– Minimizes rich targets in the DMZ by ensuring that files, user credentials and data are \\nnot stored in the DMZ\\n– Establishes sessions from more-trusted to less trusted zones– Enforces internal and external security policies\\nFigure 2-3 provides an example.\\nFigure 2-3   Sterling Secure Proxy Session breaks\\nTrusted Zone DMZ\\nSSL S essio n  wi th  \\ntrading partnerSepa rate SSL Session with \\nendpoint in trus te d z one\\nSSL Authentication \\ntakes place in DMZSt erling Secure Proxy Tradin g Pa rtne r\\nHTTP STradin g Pa rtne r\\nFTPS\\nInternet\\nIB M Sterling I ntegr ator\\nIBM St e rling File Gateway\\nConn ect:Direct\\n Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 25/SM590000Perimeter security:\\n– Session break and protocol validation: Prevents direct communications between \\ninternal and external sessions by establishing SSL session breaks in the DMZ, as shown in Figure 2-3.\\n– Inspects protocol and sensitive control information, enabling configurable error \\nhandling for protocol violations.\\n– Certificate validation and authentication: Authenticates incoming connections using the \\nSSL or TLS protocol. Exchanges and validates certificates prior to allowing a separate connection to the trusted zone.\\n– Multifactor authentication: Enforces tight controls with strong validation of trading \\npartner identity in the DMZ using IP address, CRL checks, and custom lookups with options to interface with external user datab ases such as LDAP , Active Directory and \\nIBM Tivoli® Access Manager.\\n– Session limits and data encryption: Ensures business continuity and guards against \\nDenial-of-Service attacks with support for SSL and TLS encryption algorithms.\\n– User ID mapping: Protects internal applications by mapping trading partner user IDs \\nand passwords to user IDs and pass words valid for internal systems.\\n/SM590000Clustering:\\n– One central configuration manager pushes out configuration rules to multiple engines \\nrunning in the DMZ, making it easy to scale.\\n– Clustering for high availability and load ba lancing provides operational continuity and \\nimproved performance.\\nSterling Secure Proxy is suitable for the technical part of security described in the DMZ. it \\ndoes not provide the isolation features needed in a gateway. As a gateway, Sterling Connect:Direct and Sterling B2B Integrator can be used. \\nWebSphere DataPo wer XB62 appliance\\nLike Sterling B2B Integrator, WebSphere DataPower XB62 offers DMZ and gateway \\nfunctionality. Because the WebSphere DataPower appliance is a firmware hardened appliance it provides a different approach by  centralizing and consolidating the gateway \\nfeatures in the DMZ. Y ou can quickly access new customers and new routes to market with standards-based trading partner management. In hi ghly sensitive applications, cryptographic \\nkeys require the enhanced protection of certified FIPS 140-2 Level 2 or Level 3 hardware security modules (HSMs). The WebSphere DataPower XB62 appliance includes an HSM option. It augments the powerful authenticati on and SOA security capability of DataPower to \\nfurther protect organizations’ data.\\nHere are the main features of WebSphere DataPower XB62 appliance:\\n/SM590000Broad connectivity:\\n– HTTP / HTTPS support (including SSL termination)\\n– Supports WebSphere MQ 7 softw are-based high  availability\\n– Supports WebSphere MQ Channel exits for increased security– Secure File Transfer  Protocol (SFTP) client and polling support\\n– SFTP Server Service\\n– Improved transactional integrity with IBM IMS™ Connect– FTP and FTPS support for both client and server side connections\\n– Database connectivity\\n– WebSphere Java Messaging Service– Tibco Enterprise Message Service (requires Option for Tibco Enterprise Message \\nService)\\n– SMTP and POP support 26 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions– MQFTE Client Connections\\n– Network File System (NFS)\\n/SM590000Support for multiple authentication and authorization mechanisms:\\n– WS-Security, WS-Security Policy, and Extensible Access Control Markup Language \\n(XACML)\\n– SAML 1.0, 1.1, and 2.0– S/MIME digital signature and encryption– XML digital signature and encryption– Integration with Tivoli Access Manager (requires Option for Tivoli Access Manager)– Full support for WS-Proxy validation of Message Transmission Optimization \\nMechanism (MTOM)-based SOAP messages\\n– Increased WS-Security interoperability with WebSphere Applic ation Server and \\nMicrosoft WCF framework\\n/SM590000Business to business:\\n– Support for AS1, AS2, AS3, and ebMS\\n– Trading partner management– Support for ebXML Collaboration Protocol Profile and Agreement v2.0 – Support for EDI X12, EDIFACT and XML B2B payloads– B2B transaction visibility in an easy to use B2B Transaction Viewer\\n/SM590000Data transformation and validation:\\n– Native XML Schema and WSDL validation\\n– XSLT-based transformations– Any-to-any transformation using WebSphere Transformation Extender– Supports DPA maps created in WTX Design Studio– Supports type trees from the HL7 Industry pack\\n/SM590000Interoperability:\\n– Flexible subscription support for service metadata stored in external repositories such \\nas WebSphere Service Registry and Repository (WSRR)\\n– Support for WS-Policy attachments authored within WSRR– Local mode support when integrating with Tivoli Access Manager– Full support for WS-Proxy validation of MTOM-based SOAP messages\\n– Increased WS-Security interoperab ility with WebSphere Application Server\\n– Integration with WebSphere Integration Developer for the development and \\ndeployment of XSLT transformations\\n– Improved integration with WebSphere Transformation Extender– Integration with WebSphere Application Accelerator for Public Networks for optimal \\ndelivery of web and Web 2.0 applications across the public Internet\\n– Integration to IBM z/OS\\n®\\n– Enhanced Integration to WebSphere MQ File Transfer Edition– Granular import and export capabilities\\n– Deployment policies providing dynamic configuration changes upon import– Ability to configure the appliance in a We b GUI, using Command Line or using a SOAP\\n/SM590000Enhanced manageability:\\n– Simplified backup and restore process\\n– Java-based appliance management API with support for Jython– Granular logging capabilities– Probe to trouble process flow– SMTP Traps for monitoring appliance health and transaction statistics– Service Level Management allowing data shaping, throttling, or rejection  Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 272.2.4  Small enterprises\\nWith tight budgets and limited skill resources, sm all enterprises tend to  choose a B2B solution \\nthat combines all of the needed functionality in one product and is easy to manage. \\nSterling B2B Integrator offers a wide range of functionality with protocols and standards \\nsupported. It comes with perimeter security at DMZ traversal out of the box. The perimeter server comes as integral part of the product, but the component can be installed on a different system in DMZ, separated from the Sterling B2B Integrator server. \\nThe perimeter service terminates the protocol in the DMZ and route the payload to the server \\nusing an internal protocol to Sterling B2B Integrator. It is configured only by the main Sterling B2B Integrator. Sterling B2B integrator calls the Perimeter Server from inside to establish the session. Data then flows between them in both directions. \\nFigure 2-4 provides details.\\nFigure 2-4   Sterling B2B Integrator perimeter server as session breaker\\nAs IBM offers cloud-based, hosted Sterling B2B Services, it is also an alternative for small \\nbusinesses who do not want to maintain their own installation and DMZ security. The hosted services guarantee defined levels of reaction to security threats and proactive security, such as updating to the newest levels, that otherwise can be hard to achieve for a small business.\\n2.2.5  Medium and large enterprises\\nMedium enterprises face different workloads and might need to scale up their infrastructure. They also can begin to combine products to make better use of product specific strengths, such as large enterprises. \\nSterling B2B Integrator clustered\\nTo scale for higher loads, additional instances of Sterling B2B Integrator can be added to work in a Sterling B2B integrator cluster. The two instances are much like a single logical node, and there is load balancing organized from the perimeter server and a tight band between the nodes, where load information is constantly exchanged. It happens through JMS communication.DMZEnterprise Secure Zone\\nT\\nR\\nA\\nD\\nI\\nN\\nG\\nP\\nA\\nR\\nT\\nN\\nE\\nR\\nSPartner\\nIntegration\\nZone\\nSterling\\nB2BI \\nPerimeter\\nServiceSterling\\nB2B\\nIntegrator DMZEnterprise Secure Zone\\nPartner\\nIntegration\\nZone\\nPerimeter\\nserverSterling\\nB2B\\nIntegrator  28 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsFigure 2-5 provides details.\\nFigure 2-5   Sterling B2B Integrator clustered\\nSterling Secure Proxy use\\nWhen a significant amount of the B2B load is lifted using the FTP , FTPS, HTTP , HTTPS, \\nSSH/SFTP , PeSIT, and Sterling Connect:Direct protocols, the enterprise can use Sterling \\nSecure Proxy to achieve additional perimeter security. \\nIf a high amount of Connect:Direct file transfers is to be handled, the enterprise might want to \\nuse the standalone Connect:Direct server instead of the additional Sterling B2B Integrator Connect:Direct service. To place a Connect:Direct server into the DMZ would be a security risk, because it would expose files, user credentials, and data. \\nWhen the enterprise uses a multitude of clustered installations, Sterling Secure Proxy can \\ndistribute the configurations from a central Configurations Manager inside the trusted zone to all instances of Sterling Secure Proxy in the DMZ. \\nWebSphere Data Power XB62 use \\nThe WebSphere DataPower B2B Appliance is well suited for use in the DMZ because it is a \\nnetwork security device that adds security gateway and integration functions in a tamper resistant hardware form factor. Additionally, it provides the option of being able to store private keys on a Hardware Security Module (HSM). Additionally, any sensitive data at rest in the DMZ on the device is stored AES encrypted.\\nThe DataPower appliance can pe rform, not only some decryption and encryption tasks at \\nvery high velocity, but also other mappings close to or even at wire speed. For a number of a protocols and standards, it delivers a complete solution. With others, it can be used as security and speed enhancer in cooperation with Sterling B2B Integrator.\\nBecause of its special hardened architecture as a firmware appliance, the DataPower is safe \\nto do tasks in the DM Z that otherwise woul d not be done there. Enterprise Secure Zone\\nSterling\\nB2B\\nIntegrator DMZEnterprise Secure Zone\\nT\\nR\\nA\\nD\\nI\\nN\\nG\\nP\\nA\\nR\\nT\\nN\\nER\\nSSterling\\nB2B\\nIntegrator \\nSecure \\nProxySterling\\nConnect:Direct Perimeter\\nserverSecure \\nProxy\\nSP Config ManagerPartner\\nIntegration Zone Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 29Figure 2-6 provides details.\\nFigure 2-6   WebSphere DataPower XB62 in a DMZ perimeter zone\\n2.3  Seamless integration inside the enterprise\\nWhen dealing with internal integration, you need to determine how internal systems within the \\nenterprise need to cooperate with each other and with the external partners. The technical setup of the communication is important, but it is even more important to consider the strategic and organizational aspects associated with it. \\nWhen talking about the seamless integration inside the enterprise, we need to consider two \\nimportant concepts:\\n/SM590000Messaging\\n/SM590000Enterprise Service Bus\\n2.3.1  Connectivity matters: Messaging\\nIf we consider connectivity in a modern medi um or large enterprise, we might have to \\nexamine a significant number of different network protocols. Most of them are based on the IP protocol. Other base protocols, such as SNA, might only be relevant in smaller parts of the topology. But on top of the base of IP protocol, a large number of different protocols can be used. If you allow the connectivity to grow wild as  projects demand it in the first request, you \\ncan end up with a connectivity tangle that is very hard to manage or can even be called unmanageable:\\n/SM590000Firewall administration becomes a tricky job; the rules list grows longer and longer.\\n/SM590000Loads generated by different tasks of different importance are transported at the same \\nwith undifferentiated service levels.Enterprise Secure Zone\\nSterling\\nB2B\\nIntegrator DMZEnterprise Secure Zone\\nT\\nR\\nA\\nD\\nI\\nN\\nG\\nP\\nA\\nR\\nT\\nN\\nE\\nR\\nSSterling\\nB2B\\nIntegrator \\nSecure \\nProxyPerimeter\\nServerWebsphere MQ\\nSterling\\nConnect:Direct Websphere\\nDatapower\\nXB62 30 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsIn particular, the situation described in the second bullet can lead to very bad effects: If a \\nserver hosting a customer order application is unresponsive because a router it is attached to is busy doing something that is not urgent (s uch as a database backup), the enterprise might \\npay fines for missing a service level agreement. There are different mitigations for such risks, such as separating the transport routes by adding hardware or managing communications more efficiently. \\nWe think that the use of messaging can be an excellent choice for managing all \\ncommunications by standardized means. Messaging can \\nwrap  other forms of \\ncommunications and give the administrator a single point of management. Because messaging is not transient, communication can be replayed when needed. We discuss WebSphere MQ based messaging in this section. Many of the features mentioned here are also available in the Java based messaging, as in the WebSphere Application Servers Service Integration Bus.\\nWithin MQ, you can distinguish the service leve ls for messages by t he required reliability, \\nspeed, and security at different levels, but with a single point for maintenance and monitoring:\\n/SM590000Y ou can vary the level of persistence from a hardened state. It is designed to recover \\nmessages also after severe errors, over a medium, where messages survive queue manager restarts to “not persistent,” where messages are not kept when the queue manager is stopped.\\n/SM590000The speed of messages can be varied by the bat ch size of transmission batches, priority \\nflags, and the assignment of fast transmission means such as separate TCP/IP channels. \\n/SM590000Security is managed on a per message base by encrypting and signing payload from \\nend-to-end, or on channel base, by encrypting and signing the whole channel traffic only between queue managers. \\n/SM590000Very large chunks of data, such as large files, can be split into a number of smaller \\nmessages, to prevent the large payload from blocking a communication channel completely for a long time. \\n/SM590000Messages can carry an “expiration” flag. For example, messages related to an online \\ncommunication would expire when the online dialog has a timeout, to guarantee that no obsolete traffic clutters the network.\\n/SM590000If you want, message expiration can be reported to notify the operators.\\nThese examples are taken from the toolbox that WebSphere MQ brings, helping you to wrap \\nother protocols within WebSphere MQ. If you ar e not familiar with WebSphere MQ, read the \\nfollowing section for more information.\\n2.3.2  WebSphere MQ\\nWebSphere MQ is the market-leading messaging integration middleware product. Over more \\nthan 15 years, WebSphere MQ (or MQSeries® as it was known in earlier versions) has grown to provide flexible and reliable solutions that address the wide range of requirements introduced in the previous chapter.\\nA message queuing infrastructure built on WebSphere MQ technology provides an available, \\nreliable, scalable, secure, and maintainable transport for messages with guaranteed once-only delivery. Many enhancements have been added to WebSphere MQ during its evolution in the marketplace:\\n/SM590000WebSphere MQ Clients: Enables an application to connect remotely or locally to a \\nWebSphere MQ queue manager.\\n/SM590000Publish/Subscribe: Increases messaging capab ility from point-to-poi nt messaging to a \\nless coupled style of messaging. Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 31/SM590000MQ Clusters: Allows multiple instances of th e same service to be hosted through multiple \\nqueue managers, to enable load-balancing and fail-over and simplify administration.\\n/SM590000Secure Sockets Layer support: SSL protocol can be used to secure communication \\nbetween queue manage rs or MQ Client.\\n/SM590000Diverse platforms: WebSphere MQ supports a wide range of operating system platforms.\\nCore concepts of WebSphere MQ\\nData is transferred between applications in messages. A message is a container consisting of \\ntwo parts:\\n/SM590000MQ Message Descriptor: Identifies the message and contains additional control \\ninformation such as the type of message and the priority assigned to the message by the sending application.\\n/SM590000Message data: Contains the application data. The structure of the data is defined by the \\napplication programs that use it, and MQ is largely unconcerned with its format or content. \\nThe nodes within a WebSphere MQ message queuing infrastructure are called queue \\nmanagers. The queue manager is responsible for accepting and delivering messages. Multiple queue managers can run on a single physical server or on a wide network of servers across a large variety of different hardware and operating system platforms.\\nEach queue manager provides facilities for relia ble messaging using both  point-to-point and \\nPublish/Subscribe styles.\\nThe queue manager maintains queues of all messages that are waiting to be processed or \\nrouted. Queue managers are tolerant of failures and maintain the integrity of business-critical data flowing through the message queuing infrastructure.\\nThe queue managers within the infrastructure are connected by logical channels over a \\ncommunications network. Messages automatically flow across these channels from the initial producer of a message to the eventual consumer  of that message based on the configuration \\nof the queue managers in the infrastructure. Changes can be made to the configuration of queues and channels, and it is transparent to the applications.\\nAsynchronous messaging\\nTwo applications that must communicate, whether hosted on the same machine or separate machines, might have originally been designed to  do so directly and synchronously. It was a \\ncommon messaging technique used prior to the introduction of WebSphere MQ.\\nIn this case, the two applications exchange information by waiting for the partner application \\nto become available and then sending the information. If the partner application is unavailable for any reason, including if it is busy performing communication with other applications, the information cannot be sent.\\nAll intercommunication failures that can occur between the two applications must be \\nconsidered individually by the applications, whether they are on the same machine or on different machines connected by a network. It requires a protocol for sending the information, confirming receipt of the information, and sending any subsequent reply.\\nPlacing a WebSphere MQ infrastructure between the two applications allows communication \\nto become asynchronous. One application places information for the partner in a message on a WebSphere MQ queue, and the partner application processes this information when it is available to do so. If required, It can then send a reply message back to the originator. The applications do not need to be concerned with intercommunication failures or recovery. 32 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsWebSphere MQ Client\\nWebSphere MQ Client is a light-weight component of WebSphere MQ that does not require \\nthe queue manager run-time co de to reside on the client syst em. It enables an application \\nrunning on the same machine as the client to connect to a queue manager that is running on another machine and perform messaging operations with that queue manager. Such an application is called a client and the queue manager is referred to as a server.\\nUsing MQ Client is an effective way of implementing WebSpher e MQ messaging and \\nqueuing. The benefits of doing this are as follows:\\n/SM590000There is no need for a licensed WebSphere MQ server installation on the client machine.\\n/SM590000Hardware requirements on the client system are reduced.\\n/SM590000System administration requirements on the client system are reduced.\\n/SM590000An application using MQ Client  can connect to multiple queue managers  on different \\nmachines.\\nApplication programming interfaces (APIs)\\nApplications can use WebSphere MQ by several programming interfaces.\\nMessage Queue Interface\\nThe native interface is the Message Queue Interface (MQI). The MQI consists of the following \\nfeatures:\\n/SM590000Calls through which programs can acce ss the queue manager and its facilities\\n/SM590000Structures that programs use to pass data to, and get data from, the queue manager\\n/SM590000Elementary data types for passing data to, and getting data from, the queue manager\\n/SM590000Classes in object-oriented languages for accessing data, the queue manager, and its \\nfacilities\\nMany programming languages and styles are supported depending on the software and \\nhardware platform, for example, C, Java, and most other popular languages.\\nStandardized APIs\\nUtilizing a standardiz ed API can add additiona l flexibility when accessing services through a \\nmessage queuing infrastructure. This book uses  the term standardized API to represent APIs \\nthat are not proprietary to an individual product, such as WebSphere MQ.\\nHere are some examples of standardized APIs that can be used to access services provided \\nthrough a WebSphere MQ infrastructure:\\n/SM590000Java Message Service (JMS)\\n/SM590000IBM Message Service Client (XMS)\\nWide adoption of these APIs can occur across mu ltiple products. For example, the JMS API is \\nan industry standardized API for messaging within the Java Enterprise Edition (Java EE) specification.\\nReliability and data integrity\\nThe intercommunication performed across channels between queue managers is tolerant of network communication failures, and WebSphere MQ assures once-only delivery of messages. Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 33Persistent and non-persistent messages\\nMessages containing critical business data, such as receipt of payment for an order, need to \\nbe reliably maintained and must not be lost in the event of a failure. On the other hand, some messages might only contain query data, where th e loss of the data is not crucial because \\nthe query can be repeated. In this case, performance might be considered more important than data integrity. \\nTo maintain these opposite requirements, WebSphere MQ uses two type of messages, \\npersistent and non-persistent:\\n/SM590000Persistent messages: WebSphere MQ does not lose a persistent message through \\nnetwork failures, delivery failures, or restart of the queue manager. Each queue manager keeps a failure-tolerant recovery log of all actions performed upon persistent messages. It is sometimes referred to as a journal.\\n/SM590000Non-persistent messages: WebSphere MQ optimizes the actions performed upon \\nnon-persistent messages for performance. N on-persistent message storage is based in \\nsystem memory, so it is possible they can be lost in situations such as network errors, operating system errors, hardware failure, queue manager restart, and internal software failure.\\nUnits of work\\nMany transactions performed by an application cannot be considered in isolation. An application might need to send and receive multiple messages as part of one overall action. Only if all of these messages are successfully sent or received, are any messages sent or received.\\nAn application that processes messages migh t need to perform coordinated work against \\nother resources as well as the WebSphere MQ infrastructure. For example, it can perform updates to information in a database based upon the contents of each message. The actions of retrieving the message, sending any subsequent reply, and updating the information in the database must only complete if all actions are successful.\\nThese actions are considered to be a unit of work (UOW). Units of work performed by \\napplications accessing a WebSphere MQ infras tructure can include sending and receiving \\nmessages as well as updates to databases. WebSphere MQ can coordinate all resources to ensure that a unit of work is only completed if all actions within that unit of work complete successfully.\\n2.3.3  Enterprise Service Bus (ESB): Enab ler for Service Oriented Architecture \\nIn software engineering, a Service Oriented Architecture (SOA) is a set of principles and \\nmethodologies for designing and developing software in the form of interoperable services. In order to implement an SOA, both applications and infrastructure must support the SOA principles. Enabling applications involves the cr eation of service interfaces to existing or new \\nfunctions, either directly or through the use of adapters. Enabling the infrastructure at the most basic level involves the provision of capab ility to route and transport service requests to \\nthe correct service provider. The role of the Enterprise Service Bus is, in part, simply to enable the infrastructure in this way.\\nValue of the ESB concept\\nThe true value of the Enterprise Service Bus (ESB) concept, however,  is to enable the \\ninfrastructure for SOA in a way that reflects the needs of today\\'s enterprise: to provide suitable service levels and ma nageability, and to o perate and integrate in a heterogeneous \\nenvironment.  34 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsThe ESB must enable the substitution of one service implementation by another with no effect \\non the clients of that service. It requires both the service interfaces that are specified by SOA and that the ESB allows client code to invoke se rvices in a manner that is independent of the \\nservice location and communication protocol that is involved.\\nESB introduces features that can improve resp onsiveness, customer service, transaction \\ntime, and partner interactions. An ESB provid es capabilities that enhance both direct \\nconnection between applications and routing requests among applications.\\nAn ESB supports the concep ts of SOA implementati on in the following ways:\\n/SM590000Decoupling the consumer\\'s view of a service from the implementation of a service\\n/SM590000Decoupling technical aspect s of service interactions\\n/SM590000Integrating and managing services in the enterprise\\nDecoupling the consumer\\'s view of a servic e from the actual implementation greatly \\nincreases the flexibility of the architecture. It allo ws the substitution of one service provider for \\nanother (for example, because another provider offers the same services for lower cost or with higher standards) without the consumer being aware of the change or without the need to alter the architecture to support the substitution.\\nThis decoupling is better achieved by having the consumers and providers interact through \\nan intermediary. Intermediaries publish servic es to consumers. The consumer binds to the \\nintermediary to access the service, with no direct coupling to the actual provider of the service. The intermediary maps the request to the location of the real service implementation.\\nIn an SOA, services are described as being loosely coupled. However, at implementation \\ntime, there is no way to loosely couple a service or any other interaction between systems. The systems must have some common understand ing to conduct an interaction. Instead, to \\nachieve the benefits of loose coupling, consideration must be given to how to couple or decouple various aspects of service interactions, such as the platform and language in which services are implemented, communication protocols used to invoke services, and data formats used to exchange input and output data between service consumers and providers.\\nFurther decoupling can be achieved by handling some of the technical aspects of \\ntransactions outside of applications. It can apply the following aspects of interactions:\\n/SM590000How service interactions are secured.\\n/SM590000How the integrity of business transactions and data are maintained (for example, through \\nreliable messaging, the use of transaction monitors, or compensation techniques).\\n/SM590000How the invocation of alternative service providers is handled in the event that the default \\nprovider is unavailable.\\nThe role of the ESB is to fulfill these needs by provid ing the following functions:\\n/SM590000Map service requests from one protocol and address to another.\\n/SM590000Transform data formats.\\n/SM590000Support a variety of security and transactional models between service consumers and \\nservice providers and recognize that consumers and providers might support or require different models.\\n/SM590000Aggregate or disaggregate service requests and responses.\\n/SM590000Support communication protocols between multiple platforms with appropriate qualities of \\nservice.\\n/SM590000Provide messaging capabilities such as mess age correlation and pu blish/subscribe to \\nsupport different messaging models such as events and asynchronous request/response. Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 35Figure 2-7 shows the role of the ESB.\\nFigure 2-7   The role of the ESB \\nApplication integration ve rsus service integration\\nAgain, invoking the front office scenario described in 2.2.2, “Gateway function” on page 19, \\nwe need to determine how the front desk clerk who is serving a customer can communicate with the back office. The front desk clerk has the following choices: \\n/SM590000Take care of the customer\\n/SM590000Pass the request to a another person\\n/SM590000Pass the request to a function such as another department\\n/SM590000Consult a manual to determine the best course of action\\nQuestions for connectivity and format can on ly be answered afterwards: how the addressee \\ncan be reached (call personally, by phone, mail, and so on), which data needs to be passed, \\nand in which form the data needs to presented. \\nThe traditional approach of enterprise application integration often focuses on the question of \\nhow to connect applications only to each other. For example, it helps the front desk clerk to contact another person, but it does not help to place a loans request without knowing which person to call. \\nObviously, it depends on the size of the enterprise and how much integration is needed. But \\nthere is no absolute criteria on how to classify a given enterprise. Other important factors are the dynamics of the enterprise, resources available, and regional distribution. Even small companies would be well advised to abstract their functions to services and implement an extendable enterprise service bus when they expect to grow in the long term, and for that expectation, decide on a strategic orientation in their IT.\\n 36 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions2.3.4  IBM ESB products\\nThere are many produ cts that can be used to create an  Enterprise Serv ice Bus (ESB). IBM \\nprovides several options for creating an ESB, as shown in Figure 2-8. It allows customers to select ESB technology based on th eir specific needs. In many la rge organization s, more than \\none ESB technology can be used to  create a hybrid ESB as re quired by differences in \\ngeography, technology, or for ot her reasons. Hybrid ESBs are es pecially likely when two large \\ndepartments each embark on SOA separately and then find they need to interoperate with each other.\\nThe three main IBM ESB products are WebS phere Message Broker, WebSphere ESB, and \\nWebSphere DataPower SOA Appliances.\\nFigure 2-8   IBM ESB offerings\\nWebSphere Message Broker\\nWebSphere Message Broker offers  capabilities that many cust omers use to create their ESB \\n(or a central ESB in a hybrid solution). WebSphere Message Broker has its heritage in the WebSphere MQ messaging space, and is particularly well suited for environments heavy in MQ messaging. It offers interface definitions for WSDL and other message formats, mediation capabilities through message fl ows, and support for a range of communication formats, \\nincluding WMQ and HTTP . WebSphere Message Broker also offers content based publish / subscribe interactions and managed topic spaces.\\nWebSphere Message Broker supports implementation of mediation patterns for a broad \\nspectrum of service interaction endpoints. It supports a large number of industry standard message sets (some, but certainly not all using XML encodings) and enables support for additional, user-defined message formats. \\n Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 37The following typical customer requirements are well suited to a WebSphere Message Broker \\nsolution:\\n/SM590000Transactional\\n/SM590000Publish/subscribe\\n/SM590000ACORD, SWIFT, or COBOL copybook standard formats\\n/SM590000XML formatted data\\n/SM590000WS-* standard compliant\\n/SM590000WebSphere MQ messaging\\n/SM590000Complex transformations\\n/SM590000Complex Event Processing\\nWebSphere Message Brok er provides numerous ESB connec tivity options and any-to-any \\ndata transformation. It enables legacy applications and those that do not conform to standards to connect to an ESB.\\nWebSphere Message Broker is described in more detail in 4.3.1, “WebSphere Message \\nBroker” on page 74.\\nWebSphere ESB\\nWebSphere ESB is a J2EE instantiation of an ESB. WebSphere ESB runs within a J2EE \\ncontainer in the IBM WebSphere Application Server. It is well suited to J2EE and WS-* standards-based applications, especially those ap plications that only need to communicate \\nwith other application servers. It also provides an excellent entry point into the SOA world, allowing basic web services to be utilized as  a stepping-stone into a more robust SOA \\nenvironment.\\nWebSphere ESB provides standards-based Web Services connectivity, JMS messaging, and \\nservice oriented integration. JMS applications for point-to-point and pub/sub messaging, and JAX-RPC service oriented applications can connect directly to WebSphere ESB, or messages can be deliv ered to WebSphere ESB across a variety of transports including \\nWMQ, SOAP/HTTP and SOAP/JMS. WebSphere ESB implements a web services gateway \\nwhich can mediate between SOAP/HTTP and SOAP/JMS based applications. Finally, it also provides an implementation of Universal Description Discovery and Integration (UDDI). The following typical customer requirements ar e well suited to a WebSphere ESB solution:\\n/SM590000J2EE implementations\\n/SM590000Web Services interfaces\\n/SM590000SOAP/HTTP\\nWebSphere DataPowe r SOA Appliance\\nWebSphere DataPower SOA Appliance is a hardware and software offering that provides a \\nnumber of importan t functions: XM L acceleration, securi ty enforcement, and ESB \\nfunctionality. DataPower has several important characteristics:\\n/SM590000Optimized hardware, firmware, and imbedded operating system\\n/SM590000A high level of assurance that the configuration is locked-down\\n/SM590000Reduced security vulnerabilities\\n/SM590000Hardware storage of encryption keys and a locked audit log\\n/SM590000No hard disks, CD ROMs, or USB ports\\n/SM590000Tamper-proof case that renders the machine unusable if opened\\n/SM590000Reduced operational complexity, as it is truly an SOA appliance 38 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsDataPower provides the fastest entry into the SOA world, while at the same time providing an \\nenhanced security environment.\\nThe following typical customer requirements are well suited to a DataPower solution:\\n/SM590000Security Gateway\\n/SM590000XML firewall, parsing and validation\\n/SM590000Basic routing\\n/SM590000Content-based routing\\nProtocol bridging (HTTP , WebSphere MQ clients, FTP , ODBC, etc.)\\n2.3.5  Technology choices\\nTable 2-2 shows the different approaches of seamless integration with the internal systems:\\nTable 2-2   Technology choices \\nFor more information, see this website:\\nhttp://www-01.ibm.com/software/integration/wsesb/v6/faqs.html#provide\\nTechnology selection criteria\\nIn this section, we discuss the criteria that you need to keep in mind when developing your \\ntechnology solutions.WebSphere ESB WebSphere Message \\nBrokerWebSphere \\nDataPower\\nPossible complexity in \\ntransformationsHigh High Medium \\nRelative latency Regular Low Close to zero\\nOut-of-the box \\nInteroperabilityStandards Wide Specialized\\nExtensibility Very high (JCA) High Medium\\nHuman task support Y es, after upgrade to \\nthe WebSphere \\nProcess ServerNo No \\nTransaction manager Internal coordinator \\nWASInternal coordinator \\nWMQExternal \\nTransactions Regular and extended Regular and extended Regular and extended \\n(JTA) \\nPricing Medium unit Large unit Low maintenance \\ncosts Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 39Interaction style\\nIn order to fully support the variety of interaction patterns that are required in a \\ncomprehensive SOA (such as re quest/response, publish/subs cribe, and events), the ESB \\nmust ideally support in one infrastructure the three major styles of enterprise integration:\\n/SM590000SOAs in which applications communicate through reusable services with well-defined, \\nexplicit interfaces. Service-oriented interactions leverage underlying messaging and event communication models.\\n/SM590000Message-driven architectures in which applications send messages through the ESB to \\nreceiving applications.\\n/SM590000Event-driven architectures in which applications generate and consume messages \\nindependently of one another.\\nA consumer can implement a service invocation in different ways. From the consumer\\'s point \\nof view, the difference is as follows:\\n/SM590000Synchronous: The consumer uses a single thread  to invoke the service; the thread sends \\nthe request, blocks while the service is running, and waits for the response.\\n/SM590000Asynchronous: The consumer uses a pair of threads to invoke the service; one thread \\nsends the request, then a separate thread listens for and receives the response.\\n/SM590000Publish/subscribe: A service publishes messages  on a specific topic. Multiple services \\n(subscribers) can subscribe to this to pic and receive the published messages.\\nAn ESB can offer any combination of these invoca tion models for a single service, letting \\nservice consumers select a preferred invocation model.\\nInteraction style can influence the ESB implem entation. IBM WebSpher e Message Broker is \\nespecially suited to architectures in which the basic flow paradigm is asynchronous or pseudo-synchronous.\\nStatefulness\\nCertain situations might require an ESB to maintain state as me ssages traverse it. A simple \\nexample involves selecting a particular service endpoint from the context information of the last applicable message. A more complex example extends the ESB paradigm by detecting \\ncomplex situations that involve a context-sensitive composition of messages and events \\n(semantic context, temporal context, spacious-temporal context). This functionality is extremely powerful when applied to the processing of input from multiple event sources: from the perspective of a business, application, or infrastructure within different contexts. For example, such scenarios might involve Service Level Agreement alerts and compliance checking, which is applicable to the security, finance, banking, and insurance industries.\\nHardware ESB implementations do not generally support stat eful interactions, making \\nstatefulness a criterion for software ESB implementations. WebSp here Message Broker, \\nuniquely, implements complex message processing directly in the product, making it the most suitable for use cases requiring this function.\\nEndpoints, standard s, and protocols\\nEndpoints are consumers and services that interact through the ESB. Endpoints that employ \\nstandard technol ogy and protocols (such as web servic es) allow the most flexibility in ESB \\ntechnology selection. However, it is often not practical or cost-effective to restrict endpoints to these standards where large legacy investments exist. Similarly, while integrating packaged \\napplications is possible using their proprietary APIs, it is often useful to delegate this integration to a middleware vendor. To address these concerns, adapters exist that can greatly simplify integration. 40 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsThe use of adapters influences  ESB product selectio n because adapters re quire a software \\nruntime (they are not support ed on hardware ESB implementa tions) and prerequisites for \\nadapters vary.\\nPolicy-based interaction manage ment and dynamic service selection\\nAn emerging ESB technology invo lves dynamic endpoint selecti on that exploits agent-based \\nendpoint statistics such as server utilization and health. It is supported out of the box in \\ncertain IBM ESB products through integration with IBM Tivoli Composite Application Manager.\\nMessage volume, size, and type\\nESB products have different scalability charac teristics. In genera l, hardware-based \\nimplementations scale quite well and have excellent support for industry standard data formats. However they do not provide the versat ility of software implem entations. WebSphere \\nMessage Broker performs very well, offers a very rich set of ESB functionality, and can be extended with custom components and adapters. WebSphere ESB has a rich set of support for industry standard formats, Java and Web Services standards, and can be extended with custom components and adapters.\\nReliability, availability , and serviceability (RAS)\\nESB products have different operational charac teristics and they achieve scalability and high \\navailability through different mechanisms and architectural footprints (one example is \\napplication server clustering versus OS-level clustering). It must be taken into consideration and the resulting solution architecture must balance RAS considerations against existing budget, skills within the organizati on and operational complexity.\\nRequired mediations\\nESB products differ in their ability to handle mediations  without custom programming. \\nNotably, WebSphere Message Broker has extensive support for standard data formats such as ACORD, SWIFT, and COBOL copybooks. If data formats are XML and Web Services, WebSphere DataPower SOA Appliances are an ideal fit, offering very high performance.\\n2.3.6  Small enterprises\\nThe small enterprise must find solutions that fit its limited financial and human resources. It probably cannot afford to pay much for significant individual programming or adaptions. \\nIssues of ad-hoc integration\\nSmall enterprises will probably choose highly integr ated “custom off the shelves” software \\npackages that offer most of the capabilities they need. It other wo rds, they would make use of \\nthe shared database pattern for internal integration, as the vintage model companies did. Y et, there will be issues with their remaining integrat ion needs. Examples include trying to solve \\ntheir requirements ad-hoc with whatever converter, adapter, bridge, or transformation tool is in reach, such as a download from the Internet, ad-hoc scripting (when the IT person has the knowledge), or simply by manually transferring (copying and pasting) from one window to another.  Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 41If such a direct approach is chosen in an environment with eight components, it results in 42 \\nbi-directional connections. Unlike the symbolic  edges in Figure 2-9, the shape of the links \\nwould vary in terms of protocols and transports. It leads to operational complexity that can become expansive and dangerous. \\nFigure 2-9   Direct connectivity, hub and spoke and bus approach\\nThe most important consideration is that manual synchronization and most ad-hoc connectivity solutions do not guarantee transactional integrity. \\nIntegrated cloud services \\nA viable alternative to homemade integration inside a small company can be buying an integrated cloud services solution from an external provider. The cloud attributes are very attractive for small businesses:\\n/SM590000Enhanced user experience\\n/SM590000Elastic scaling\\n/SM590000Automated provisioning\\n/SM590000Highly virtualized\\n/SM590000Flexible pricing \\nIt is particularly true when the small enterprise uses a number of applications in the cloud and \\nthe integration data traffic stays in the cloud. If there are many interactions between applications and services hosted in different places, it would be problematic where the integration software is placed, because network latency becomes an issue. We assume that most of the services to be integrated are hosted in the cloud. Therefore, integration must also happen there.\\nThe use of cloud based services that are not integrated have at least the same drawbacks as \\nthe non-integrated on-premises applications. Small enterprises tend to participate in public or shared cloud services as opposed to a hosted private cloud. \\nThe cloud service provider uses highly developed integration software products (as we \\ndiscuss in the following sections) to offer integration services for a higher number of clients, often combined with industry-specific extensions. There can be win/win situations when providers include some customization in order to better adapt their offering to the specific industry. The enterprise gets the service it needs at a good price and the cloud service provider improves its portfolio.Changes:  Transactional integrity  means that changes are propagated “exactly once, and \\nonly once” between systems.   42 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions2.3.7  Medium and large enterprises\\nMedium and large enterprises who want to avoi d the direct connection tangle often choose a \\n“hub and spoke” integration approach where applications are connected by adapters to a broker that acts as intermediary. In the sample shown in Figure 2-9, the number of links is reduced from 42 to 7. \\nThe concept of enterprise service bus (Figure 2-10) leverages hub and spoke architecture to \\nthe next level by the abstract ing applications to services. \\n/SM590000More indirection\\n/SM590000More scalability \\n/SM590000More flexibility for diff erent ways to do things\\nFigure 2-10   Enterprise Service Bus - Conceptual - \\nAn ESB connects requestor and provider, deco upling the inte ractions between them in \\nsupport of separation of concerns. An ESB is part of a connectivity infrastructure that enables decoupled, dynamic, adaptable service interaction.\\nAn ESB is used to connect the service requester to the servic e provider so that messages \\ncan be routed between the two platforms. The ESB is a collection of software components that manage messaging from one part of the network to another. The ESB handles \\nmismatches between the requesters and providers, including protocol, interface, or quality of service mismatches.\\n Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 43The ESB processes messages exchanged between the service endpoints (Figure 2-11). In \\ncontrast with regular business application components, the ESB is concerned with the flow of the messages through the infrastructure and not just with the business content of the messages. Rather than performing busine ss functions, the ESB performs mediation \\ncapabilities including, routing,  transformation, and logging operations on the messages.\\nFigure 2-11   Messages exchang ed between the service endpoints\\nInterposing the ESB between partic ipants enables you to modulat e their interaction through a \\nlogical construct called a mediation . Mediations operate on messages in-flight between \\nrequesters and providers. For example, mediat ions can be used to find services with specific \\ncharacteristics that a requester is asking for, or to resolve interface differences between requesters and providers. For complex interactions, mediations can be chained sequentially.\\nAn enterprise service bus, with mediations, pe rforms the following actions between requester \\nand service:\\n/SM590000\\nRouting  messages between services. An enterprise service bus offers a common \\ncommunication infrastructure that can be used to connect services, and thereby the business functions they represent, without the need for programmers to write and maintain complex connectivity logic.\\n/SM590000\\nConverting  transport protocols between requester and service. An enterprise service bus \\nprovides a consistent, standards-based way to integrate business functions that use \\ndifferent IT standards. It enables integration of business functions that cannot normally communicate, such as to connect applications in departmental silos or to enable applications in different companies to  participate in service interactions.\\n/SM590000\\nTransforming  message formats between requester and service. An enterprise service bus \\nenables business functions to exchange information in different formats, with the bus ensuring that the information delivered to a business function is in the format required by that application. \\n/SM590000\\nHandling  business events from disparate sources. An enterprise service bus supports \\nevent-based interactions in addition to the message exchanges to handle service requests.\\nHybrid ESB:  One difference between medium and large enterprises is that, as described \\nin 2.3.4, “IBM ESB pr oducts” on page 36, some large or ganizations use more than one \\nESB technology to create a hybrid ESB as required by differences in geography, \\ntechnology, or for other reasons. \\n 44 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions © Copyright IBM Corp. 2012. All rights reserved. 45Chapter 3. Connecting with your partners \\nand managing your \\ncommunication\\nIn this chapter, we discuss typical scenarios for a company to exchange business data with \\ntrading partners. Several possible implementations are considered and described, depending on the business requirements. We also discuss managing exchanged business data.\\nThis chapter includes the following sections:\\n/SM5900003.1, “What are the business requirements?” on page 46\\n/SM5900003.2, “Typical scenarios and implementation” on page 46\\n/SM5900003.3, “Product information” on page 583 46 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions3.1  What are the business requirements?\\nThe scenarios that we discuss in this chapter take the following business requirements into \\nconsideration:\\n/SM590000Operation and performance characteristics, including these factors:\\n– Onboarding partners:\\n\\x81 The configuration necessary for onboarding an external trading partner\\n\\x81 The need for installing a software on an external trading partner environment\\x81 The external trading partner skill to  deploy and configure any software\\n\\x81 Any outsourced services\\x81 The number of external trading partners\\n– Operation and performance:\\n\\x81 The need for encrypting data exchange\\n\\x81 The need for doing data exchange without manual intervention\\x81 How often the data exchange occurs\\x81 The different file sizes that must be accommodated\\x81 The data exchange performance necessary to satisfy processing windows\\x81 Triggering processing after the data has been received\\n/SM590000Managing data exchange, including these factors:\\n– Being able to get a warning if the connection or transmission fails\\n– Being able to define what data exchange should happen. when it needs to happen, and \\nget a warning if it does not occur\\n– Being able to troubleshoot any problem from a central location\\n3.2  Typical scenarios  and implementation\\nThis section describes some sample scenario s showing different possible implementations \\nfor business data exchange and monitoring of the environment. \\n3.2.1  Sample scenario: IBM Sterling File Gateway\\nThe scenario described in this section has the following assumptions:\\n/SM590000There are external trading partners (represented by Company A). \\n/SM590000There is a centralized location to which all external trading partners communicate \\n(represented by Company B). \\nScenario requirements\\nIt is assumed that Company B has the following needs when communicating to external trading partners (Company A):\\n/SM590000Onboarding an external trading partner must require minimum configuration.\\n/SM590000There is no need to install any software on the external trading partner environment.\\n/SM590000Some external trading partners might not ha ve personnel who are skilled to deploy or \\nconfigure any software.\\n/SM590000Several different protocols need to be available to adapt to different external trading \\npartners requirements. Chapter 3. Connecting with your partners and managing your communication 47/SM590000Existing software on the external trading partners environment must be accepted \\nwhenever possible.\\n/SM590000Different file sizes and amounts must be accommodated.\\n/SM590000It is necessary to stage data sent to some external trading partners.\\n/SM590000Data processing needs to be automated when received from an external trading partner.\\nScenario implementation\\nIBM Sterling File Gateway can be used to satisfy the needs of Company B in the ways \\ndescribed in the following sections.\\nOnboarding an external trading partner must require minimum configuration\\nWith IBM Sterling File Gateway, you can use easy-to-user graphical user interface to onboard partners and configure the various combinations of communication protocols to enable Sterling File Gateway operation. In this scenario, a new external trading partner (Company A) definition needs to be created. Previous definition templates can be reused.\\nThere is no need to install any software on the external trading partner \\nenvironment\\nIBM Sterling File Gateway provides a myFileGateway application that runs from a \\nWebBrowser. From within myFileGateway, external trading partners can do these tasks:\\n/SM590000Upload or download files\\n/SM590000Search for routes in which they participated\\n/SM590000View recent activity and status for file transfers in which they participated\\n/SM590000Generate reports for activity in which they participated\\n/SM590000Change their password\\n/SM590000Subscribe to notifications\\nSeveral different protocols must be available to adapt to the requirements of \\ndifferent external trading partners\\nIBM Sterling File Gateway uses a wide range of  protocols going into an external trading \\npartner (Company A) server. These protocols are described in Table 3-1.\\nTable 3-1   Supported protocols by IBM Sterling File Gateway\\nProtocol Encryption Business Purpose\\nFTP/S SSL Widely available, easy to configure.SFTP SSH/SFTP Widely available, easy to configure.\\nSFTP SSH/SCP SSH/SCP provides an alternative means to exchange information with \\ntrading partners who do not have SFTP clients. The SFTP Server \\nadapter enables trading partners with SCP clients to exchange files with Application Mailboxes. To the external  users, the Mailbox is a directory \\non which the user has privileges.\\nHTTP/S SSL Supports application myFileGateway.\\nConnect:DIrect SSL/TLS\\nSTSConnect:Direct uses a proprietary high performance protocol. 48 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsExisting software on external trading partners must be accepted whenever \\npossible\\nIf Company A already has an IBM Sterling Connect:Direct Server or a Sterling B2B Integrator \\nConnect:Direct Adapter, it can be used to communicate to Sterling B2B Integrator Sterling File Gateway Connect:Direct Server adapter.\\nDifferent file sizes should be accommodated\\nIf it is necessary for Company A (external trading partners) and Company B to exchange large size files and/or big amounts of files or they have a small processing window that other protocols could not meet, or need to exchange data without manual intervention, then IBM Sterling Connect:Direct could be used. See 3.2.2, “Sample scenario: IBM Sterling Connect:Direct” on page 50 below. IBM Sterling File Gateway supports Connect:DIrect protocol, as shown in Table 3-1 on page 47.\\nNeed to stage data sent to some external trading partners\\nIf Company A (external trading partners) are not available when Company B has data to send the data can be stored on Sterling B2B Integrator Mailbox. Next time Company A initiates a connection the data can be retrieved from Mailbox.\\nNeed to automate data processing when received from an external trading \\npartner\\nYou have several options when integrating mailboxes with the rest of the application. \\nThe most commonly used option is integrating the mailboxes with business processes. There \\nare two primary methods you can use:\\n/SM590000Invoking the Mailbox services from a business process.\\n/SM590000Specifying an application business process using a routing rule.\\nSee the following websites for more details:\\nhttp://help.sterlingcommerce.com/SB2BI52/topic/com.ic.customization.doc/SI_52_PDF/\\nSI52_Mailbox_31923_22331.pdf\\nhttp://help.sterlingcommerce.com/SFG22/topic/com.ic.customization.doc/SFG22_Overvi\\new.pdfTip: IBM Sterling Connect:Direct supports several features providing a very high \\nperformance: multi-sessions, sessions retry, checkpoint/restart/ compression. Chapter 3. Connecting with your partners and managing your communication 49Scenario details\\nFigure 3-1 describes this scenario.\\nFigure 3-1   Sample IBM Sterling File Gateway scenario   Company A (Trading Partner)                DMZ                                  Company B\\n2Firewalls\\nCompany A \\ninitiates connection to \\nCompany BSterling\\nB2B\\nIntegrator\\nFTP/S or SFTP\\nclient\\nSterling \\nFile GatewayWebBrowser to\\nmyFileGateway FTP/S or SFTP\\nserver (1)\\nHTTP or HTTP/S\\nserver Sterling\\nSecure\\nProxy (2)\\nCompany A\\naccepts connection fromCompany B\\nFTP/S or SFTP\\nclient\\n (3)\\nFTP/S or SFTP\\nserverHTTP or HTTP/S\\nclient (4)\\nHTTP or HTTP/S\\nserver\\nConnect:DIrect\\nServer\\nAdapter\\nCompany A\\ninitiates or accepts\\nconection to/fromCompany B\\nIBM Sterling\\nConnect:Direct\\nserver (5) 50 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsThis scenario has the following assumptions:\\n/SM590000External trading partners (Company A) are placed outside of the DMZ.\\n/SM590000Sterling Secure Proxy is placed inside the DMZ.\\n/SM590000Company B is placed internal to the DMZ.\\nThe following text describes the flow of this scenario:\\n1. Arrow (1): An FTP/S or SFTP session initiated by external trading partners (Company A), \\ntraversing through Sterling Secure Proxy and reaching Sterling File Gateway FTP/S or SFTP server.\\n2. Arrow (2): An HTTP or HTTP/S session initiated by external trading partners (Company \\nA), using myFileGateway application, traversing through Sterling Security Proxy and reaching Sterling File Gateway HTTP or HTTP/S server.\\n3. Arrow (3): An FTP/S or SFTP  session initiated by Company B, traversing through Sterling \\nSecure Proxy and reaching external trading partners (Company A) FTP/S or SFTP server.\\n4. Arrow (4): An HTTP or HTTP/S session initiated by Company B, traversing through \\nSterling Secure Proxy and reaching external trading partners (Company A) HTTP or HTTP/S server.\\n5. Arrow (5): A session initiated either by external trading partners) Company A or Company \\nB, traversing through Sterling Secure Proxy. The participants of this session are external trading partners (Company A) IBM Sterling Connect:Direct server and Company B Sterling B2B Connect:Direct Server adapter.\\n3.2.2  Sample scenario: IBM Sterling Connect:Direct \\nThe scenario described in this section has the following assumptions:\\n/SM590000There are external trading partners (represented by Company A). \\n/SM590000There is a centralized location to which all external trading partners communicate \\n(represented by Company B). \\nScenario requirements\\nIt is assumed that Company B has the following needs when communicating to external trading partners (Company A):\\n/SM590000High volume data is exchanged with high number of files or very large files with high \\nperformance.\\n/SM590000High performance is required.\\n/SM590000Data exchange occurs without manual intervention.\\n/SM590000Detailed logging of data exchange operations is done.\\n/SM590000There is a need to automate data processing after it has been received from an external \\ntrading partner. Chapter 3. Connecting with your partners and managing your communication 51Scenario implementation\\nIBM Sterling Connect:Direct or the IBM Sterling B2B Connect:Direct Server Adapter can be \\nused to satisfy the following needs of Company B.\\nHigh volume data is exchanged, high number of files, or very large files with \\nhigh performance\\nIBM Sterling Connect:Direct supports several features providing very high performance: \\nmulti-sessions, sessions retry, checkpoint/restart/ compression, and data exchange without manual intervention. With IBM Sterling Connect:Direct, there is no limit on the file size to be transferred. IBM Sterling Connect:Direct supports FileAgent to automate data exchange operations. See the IBM Sterling Connect:Direct File  Agent Configuration Guide at the \\nfollowing website for more information:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/File%20Agent/\\nCD%20FileAgent14/CDFAConfigGuide.pdf\\nData exchange without manual intervention\\nIBM Sterling B2B Connect:Direct Server Adapter operations can be triggered from within a Business Process without manual intervention.\\nDetailed logging of data exchange operations\\nIBM Sterling Connect:Direct statistics log every operation in detail. In general, the same information exists on the statistics of both IBM Sterling Connect:Direct instances that had communicated. IBM Sterling B2B Connect:Direct Server adapter generates Business Process statistics.\\nNeed to automate data processing after it has been received from an external \\ntrading partner\\nIBM Sterling Connect:Direct exits or Process Language can be used to automate the \\nprocessing of data received from an external trading partner\\nFor more information, see the  IBM Sterling Connect:Direct Process Language Reference \\nGuide  at this website:\\nhttp://www.sterlingcommerce.com/Documentation/Processes/CDProcessesLanguageRefGuid\\ne.pdf\\nIBM Sterling B2B Connect:Direct Server adapter can use Sterling File Gateway Mailbox \\nservices to automate the processing of data received from an external trading partner. 52 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsScenario details\\nFigure 3-2 describes this scenario.\\nFigure 3-2   Sample IBM Sterling Connect:Direct scenario/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23\\n/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##40He56442409eb2e77ad61dd1c271fabe6c/##43Hd27e308598cf1f8bcf9e336036f3f448/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23/##46H7a539460a8268e5915c0973dbb05dce1\\n/;#23/;#23/;#23/;#23/;#23\\n/;#23/;#23/;#23/;#23/;#23/;#23/;#23/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4CH2eb0c8ba15de4cce8fa3c169622f8e93/;#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/##4FHabe68123f3cb4e14e0d59c97044fedf7/##52H929f5141f4575eca8d5e4ef21356227f\\n/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23\\n/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##52H929f5141f4575eca8d5e4ef21356227f/;#23/;#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##52H929f5141f4575eca8d5e4ef21356227f\\n/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23/;#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23/##58Hb981034091b194e41ef5193e7127dfd3/##5BH40500acfd45bb67052e9c43dd051a0f4/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23/;#23#23#23#23\\n/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23/##46H7a539460a8268e5915c0973dbb05dce1\\n/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/g32/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4CH2eb0c8ba15de4cce8fa3c169622f8e93/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23\\n/g33/##46H7a539460a8268e5915c0973dbb05dce1/##40He56442409eb2e77ad61dd1c271fabe6c/;#23/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g34/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g35/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23/;#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g34/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g35/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23\\n/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/g36/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23/g37/;#23#23#23#23#23#23#23#23/;#23/;#23/;#23#23#23#23#23#23#23#23#23#23/g38/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23/;#23#23#23#23#23#23#23#23#23#23/g39/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g33/##46H7a539460a8268e5915c0973dbb05dce1/##40He56442409eb2e77ad61dd1c271fabe6c/;#23/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g34/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g35/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23\\n/g40/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g41/g31/;#23#23#23#23#23/g42/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##40He56442409eb2e77ad61dd1c271fabe6c/g43/;#23/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23#23#23#23#23#23/g44/;#23/;#23/;#23#23#23#23#23#23#23#23#23#23/g45/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23/;#23/;#23#23#23#23#23#23#23#23#23#23/g46/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g40/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g41/g31/;#23#23#23#23#23/g42/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##52H929f5141f4575eca8d5e4ef21356227f/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##46H7a539460a8268e5915c0973dbb05dce1/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23/g47/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23/;#23#23#23#23#23#23#23#23#23#23/g48/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##49H7d5c40f4f2638829db6b707b7e9400a3/g33/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 Chapter 3. Connecting with your partners and managing your communication 53This scenario has the following assumptions:\\n/SM590000External trading partners (Company A) are placed outside the DMZ.\\n/SM590000Sterling Secure Proxy is placed inside the DMZ.\\n/SM590000Company B is placed internal to the DMZ.\\nHere we describe the flow of this scenario:\\n1. Arrow (1): A session initiated either by external trading partners) Company A or Company \\nB, traversing through Sterling Secure Proxy. The participants of this session are external trading partners (Company A) IBM Sterling Connect:Direct server and Company B IBM Sterling B2B Connect:Direct Server adapter \\n2. Arrow (2): A session initiated either by external trading partners) Company A or Company \\nB, traversing through Sterling Secure Proxy. The participants of this session are external trading partners (Company A) IBM Sterling Connect:Direct server and Company B IBM Sterling Connect:Direct server.\\n3. Arrow (3): A session initiated by Company B in ternal to the DMZ. The participants of this \\nsession are Company B IBM Sterling Connect:Direct server and Company B IBM Sterling B2B Connect:Direct Server adapter. This session is shown to represent a possible connectivity internal to Company B.\\n4. Arrow (4): A session initiated by Company B in ternal to the DMZ. The participants of this \\nsession are Company B IBM Sterling Connect:Direct server and Company B WebSphere MQ FTE. This session is shown to represent a possible connectivity internal to Company \\nB.\\n5. Arrow (5): A session initiated by Company B in ternal to the DMZ. The participants of this \\nsession are Company B IBM Sterling Connect:Direct server and Company B WebSphere Message Broker. This session is shown to represent a possible connectivity internal to Company B.\\n3.2.3  Sample IBM Sterling Control Center scenario\\nThe scenario described in this section has the following assumptions:\\n/SM590000There are external trading partners (represented by Company A). \\n/SM590000There is a centralized location to which all external trading partners communicate \\n(represented by Company B).  54 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsScenario requirements\\nIt is assumed that Company B has the following needs when communicating to external \\ntrading partners (Company A):\\n/SM590000Any failure in a data exchange will be  immediately detected and notified.\\n/SM590000Any planned data exchange th at does not occur will be notified before their Service Level \\nAgreement (SLA) is not met.\\n/SM590000Availability of a centralized console with nece ssary data to determine problem cause or \\nbegin problem determination.\\nScenario implementation\\nIBM SterlingControl Center can be used to satisfy Company B needs as described below.\\nAny failure in a data exchange will be immediately detected and notified\\nIBM Sterling Control Center manages IBM Sterling File Gateway and IBM Sterling Connect:Direct. Y ou can define rules to follow up any data exchange operation that are critical to some SLA or processing window. Any failure  in those operations will be immediately \\nnotified.\\nAny planned data exchange that does not occur will be notified before their \\nService Level Agreement (SLA) is not met\\nService Level Criteria (SLC) can be defined for any planned data exchange that is critical to \\nsome SLA or processing window. If the plan ned data exchange fails or does not occur a \\nnotification will be sent.\\nAvailability of a centralized console with necessary data to determine problem \\ncause or begin problem determination\\nIBM Sterling Control Center gathers data about data exchange operations that can be \\naccessed by their local or remote consoles. IBM Sterling Control Center can also be used to configure IBM Sterling Connect:DIrect servers.\\nFor more information, see IBM Sterling Control Center System Administration Guide at this \\nwebsite:\\nhttp://www.sterlingcommerce.com/documentation/SCC53/PDF/SystemAdministration.pdf Chapter 3. Connecting with your partners and managing your communication 55Scenario details\\nFigure 3-3 describes this scenario.\\nFigure 3-3   Sample IBM Sterling Control Center scenario Company A (Trading Partner)             DMZ                                       Company B\\nFirewalls\\nCompany A\\ninitiates or accepts\\nconection to/fromCompany BSterling\\nB2BIntegrator\\nFTP/S or SFTP\\nclient or\\nserver\\nSterling\\nFile Gateway\\n (1)\\nHTTP or HTTP/S\\nclient or \\nserverConnect:Direct\\nServer\\nAdapterSterling\\nSecureProxy  (2)\\n (3)\\nFIleAgent\\nIBM Sterling\\nConnect:Direct\\nserverIBM Sterling\\nConnect:Direct\\nserver (5)\\n (4)\\nIBM Sterling\\nControl Center (1)\\n (2) 56 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsThis scenario has the following assumptions:\\n/SM590000External trading partners (Company A) are placed outside the DMZ.\\n/SM590000Sterling Secure Proxy is placed inside the DMZ.\\n/SM590000Company B is placed internal to the DMZ.\\nHere we describe the flow of this scenario:\\n1. Arrow (1) represents:\\n– An FTP/S or SFTP session initiated by external trading partners (Company A), \\ntraversing through Sterling Security Proxy and reaching Sterling File Gateway FTP/S or SFTP server.\\n– An HTTP or HTTP/S session initiated by ex ternal trading partners (Company A), using \\nmyFileGateway application, traversing through Sterling Security Proxy and reaching Sterling File Gateway HTTP or HTTP/S server.\\n– An FTP/S or SFTP session initiated by Comp any B, traversing through Sterling Secure \\nProxy and reaching external trading part ners (Company A) FTP/S or SFTP server.\\n– An HTTP or HTTP/S session initiated by Company B, traversing through Sterling \\nSecure Proxy and reaching external trading  partners (Company A) HTTP or HTTP/S \\nserver.\\n2. Arrow (2) represents:\\n– A session initiated by external trading partners (Company A) traversing through \\nSterling Secure Proxy and reaching Company B Sterling B2B Integrator Connect:Direct Server Adapter.\\n– A session initiated by external trading partners (Company A) traversing through \\nSterling Secure Proxy and reaching Company B IBM Sterling Connect:Direct Server.\\n3. Arrow (3) represents an internal session between Company B Sterling B2B Integrator \\nConnect:Direct Server Adapter and Company B IBM Sterling Connect:Direct Server.\\n4. Arrow (4) represents IBM Sterling Control Center managing Company B IBM Sterling \\nConnect:Direct Server operations.\\n5. Arrow (5) represents IBM Sterling Control Center managing Company B IBM Sterling B2B \\nintegrator operations.\\n3.2.4  Sample IBM Sterling B2B Cloud Services scenario\\nIBM Sterling B2B Cloud Services fill a void in th e portfolio of on-premise software products by \\nintroducing software solutions ranging from on-demand to fully managed services, providing customers with the flexib ility to quickly adapt as their busi ness needs change and evolve. And \\nthe hybrid strategy of providing a combination of software on-premise and services in the cloud provides customers secure connectivity and collaboration with 100% of their business partners.  Chapter 3. Connecting with your partners and managing your communication 57See Figure 3-4 for details.\\nFigure 3-4   Sample IBM Sterling B2B Cloud Services scenario\\nSample scenarios of adoption of IBM Sterling B2B Cloud Services are described in detail in \\nChapter 8, “IBM Sterling B2B Cloud Service scenarios” on page 313. Customers benefit from adopting the cloud services to meet the following business requirements:\\n/SM590000Reduce the time and complexity of securely and flexibly integrating 100% of partner \\ncommunities, having little operational impact on IT staff.\\n/SM590000Rely on a highly scalable platform and elastic resource capacity to grow and shrink as \\nneeded, responding to dynamic business needs.\\n/SM590000Accelerate the ROI of B2B projects and use th eir internal resources where they need them \\nmost, and use outsourced services instead of establishing complex expertise in house.\\n/SM590000Provide centralized visibility into actionable  information across key IT and business \\nprocesses.\\n3.2.5  Sample WebSphere DataPower B2B Appliances XB62 scenario\\nIn this section, we provide an overview of a banking integration scenario. In this case, we \\nimplement a one-way flow, which corresponds with an incoming payment from the hub Enterprise Resource Planning (ERP) system, that needs to be sent to a specific banking partner. A message comes through the DataPower device by WebSphere MQ (WMQ) queues and performs a message transformation to XML. This XML is then wrapped in AS3 and then sent to the specific partner’s backend. The DataPower device then waits for an asynchronous AS3 Message Disposition Notification (MDN) befo re the transaction is treated as complete.\\nAll the messages between the partner and the provider are exchanged in encrypted format \\nand signed as a consequence of the assumed trading manager agreement.\\n 58 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsFigure 3-5 shows the flow from a high-level perspective.\\nFigure 3-5   Scenario overview\\nMore details of this scenario and implementation details can be found in IBM WebSphere \\nDataPower B2B Appliance XB60 Revealed , SG247745.\\n3.3  Product information\\nIn this section, we describe the products used in the scenarios described in this chapter.\\n3.3.1  IBM Sterling File Gateway\\nIBM Sterling FIle Gateway is an application for transferring files between partners using \\ndifferent protocols, file naming conventions, and file formats. It runs as an application on IBM Sterling B2B Integrator, to wh ich it is fully integrated. \\nY ou can see the Sterling File Gateway Overview document at this website:\\nhttp://help.sterlingcommerce.com/SFG22/topic/com.ic.customization.doc/SFG22_Overvi\\new.pdfDataPower B2B Appliance\\nTrading Partner \\nB2B Gateway \\n(Banking Partner)DataPower B2B \\nAppliance\\n(B2B Gateway \\nService)DataPower B2B \\nAppliance\\n(Multi Protocol \\nGateway)ERP system\\nPayment \\nprocessing \\n(XML)Package the EDIX12 835 \\nin AS2 and apply security \\nbased on the Trading \\nPartner AgreementXML AS3 / XML\\nAS3 MDN Receive the AS3 \\nMDN and correlate to \\noutbound message \\nfor viewing purposesFlat File Payment\\nThe file is transformed from flat file  to XML in a \\n“Transform Binary” \\naction  and sent to the \\nB2B Gateway service for \\nAS3 routingThe back-end application \\ngenerates the Payment Lot \\n( Flat File)  and sends it to \\nthe DataPower XB60 \\ndeviceUsing AS3 for \\nERP Processing Transaction Flow over XMLInternet Chapter 3. Connecting with your partners and managing your communication 59IBM Sterling File Gateway features\\nIBM Sterling File Gateway has the following features:\\n/SM590000File/File name Transformations: Mapping of input to output file names, system-wide, \\ngroup, and partner-specific policies; co mmon file processi ng tasks such as \\ncompression/decompression, PGP encr yption/decryption, and signing.\\n/SM590000File Transfer Visibility: Events  are recorded for monitoring a nd reporting; det ailed tracking \\nfor input-output f ile structure processing and dynamic route determination;  ability to view \\nand filter Sterling File Gate way data flows for all users.\\n/SM590000Replay/Redeliver: One-click replay/redeliver capability that allows users to reprocess a \\ntransmission from the beginning or to resend just the processed file to a specify delivery destination.\\n/SM590000Notifications: Partners and operators can subscribe to be notified about events by emails.\\n/SM590000Predefined business processes: Define common behaviors in file-transfer scenarios, \\nreducing the need for customization.\\n/SM590000Extensibility: Custom event code s, protocols, facts, and co nsumer identification policies \\ncan be added to support unique scenarios.\\n/SM590000Broad communications Protocol Support: FTP , FTP/S, SSH/SFTP , SSH/SCP , and Sterling \\nConnect:Direct are supported upon installation , and additional prot ocols (such as AS2, \\nAS3, or Odette FTP) can be configured through use of the extensibility feature.\\n/SM590000Partner Interface (myFileGateway): Web browser-based interface that enables partners to \\nupload/download files, subscribe to notifications of events, manage passwords, search and view file transfer activity, and generate reports about file transfer activity.\\n/SM590000Flexible Mailbox Structures: Ab ility to specify mailbox struct ures that leverage pattern \\nmatching policies and specify attributes that must be true of all partners or a subset of partners.\\n/SM590000Dynamic Routing: Consumer derived at run-time, either through mailbox structure, file \\nname, business process-derived consumer name, or map-derived consumer name.\\n/SM590000Partner Onboarding: Easy-to-user graphical user interface to onboard partners and \\nconfigure the various combinations of communication protocols to enable Sterling File Gateway operations.\\nIBM Sterling File Gateway integrati on with IBM Sterling B2B Integrator\\nSterling File Gateway utilizes the Sterling B2B fo undation. Administrative functions such as \\ncreating and managing user accounts, permission groups, and security keys for Sterling File Gateway are handled in Sterling B2B Integrator.\\nSterling File Gateway utilizes the communication  adapters of Sterling B2B Integrator, which \\ninclude the following adapters:\\n/SM590000FTP Server adapter\\n/SM590000FTP Client adapter\\n/SM590000SFTP Server adapter\\n/SM590000SFTP Client adapter\\n/SM590000HTTP Server adapter\\n/SM590000HTTP Client adapter\\n/SM590000Connect:Direct Server adapter\\n/SM590000Command Line adapter 2 (for PGP) 60 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsIBM Sterling File Gateway W eb Application myFileGateway\\nSterling File Gateway provides a Web Application named myFileGateway that can be used to:\\n/SM590000Upload or download files\\n/SM590000Search for routes in which they participated\\n/SM590000View recent activity and status for file transfers in which they participated \\n/SM590000Generate reports for activity in which they participated \\n/SM590000Change their password\\n/SM590000Subscribe to notification\\nIBM Sterling File Gateway Mailboxes\\nMailboxes can be used to stage date passing between internal systems and trading partners. \\nWhenever data is produced when trading partners are not available to receive it, or trading partners send data that cannot be immediately processed, Mailboxes can be used to store data until it can be retrieved.\\nRouting is another important f eature of Mailboxes. R outing provides Mailb oxes with the ability \\nto automate the processing of data received from trading partners.\\nIBM Sterling File Gateway integrati on with IBM Sterling Secure Proxy\\nIBM Sterling Secure Proxy can be deployed in a DMZ between IBM Sterling File Gateway and \\ntrading partners, as shown in Figure 3-6.\\nFigure 3-6   IBM Sterling File Gateway in tegration with IBM Sterling Secure Proxy/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##40He56442409eb2e77ad61dd1c271fabe6c/##43Hd27e308598cf1f8bcf9e336036f3f448 /;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23 /##46H7a539460a8268e5915c0973dbb05dce1\\n/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4CH2eb0c8ba15de4cce8fa3c169622f8e93 /;#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/##4FHabe68123f3cb4e14e0d59c97044fedf7/##52H929f5141f4575eca8d5e4ef21356227f\\n/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##52H929f5141f4575eca8d5e4ef21356227f\\n/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/##58Hb981034091b194e41ef5193e7127dfd3/##5BH40500acfd45bb67052e9c43dd051a0f4/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23\\n/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23 /##46H7a539460a8268e5915c0973dbb05dce1\\n/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/g32/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4CH2eb0c8ba15de4cce8fa3c169622f8e93/;#23#23#23#23#23/;#23#23#23#23#23#23#23/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##58Hb981034091b194e41ef5193e7127dfd3/g31 /;#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/g31/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##55H86fa5259cb141e4f33f834c08eacfe53/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23\\n/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g33/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/g34/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/g35/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/g36/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23/;#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g37/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g33/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/g38/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g39/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/g39/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##58Hb981034091b194e41ef5193e7127dfd3/g31\\n/##55H86fa5259cb141e4f33f834c08eacfe53/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23\\n/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g33/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/g40/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g41/##46H7a539460a8268e5915c0973dbb05dce1/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23#23#23#23#23#23/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23/;#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g37/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g33/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g42/g35/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7\\n/;#23#23#23#23#23#23#23#23#23/g34/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g43/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23\\n/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g33/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g44\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/g45/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/g46/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 Chapter 3. Connecting with your partners and managing your communication 61The following list explains the flow in this scenario:\\n1. Arrow (1): Any session initiated by external trading partners (Company A) reaching \\nSterling Secure Proxy. These sessions can be initiated by external trading partners (Company A) FTP/S, SFTP , HTTP or HTTP/s client or server or an IBM Sterling Connect:Direct server.\\n2. Arrow (2): Any session initiated by Company B) reaching Sterling Secure Proxy. These \\nsessions can be initiated by Company B Sterling File Gateway FTP/S, SFTP , HTTP or HTTP/s client or server or an IBM Sterling Connect:Direct Server Adapter. \\n3. Arrow (3): Indicates use of an External Authentication server by Sterling Secure Proxy.4. Arrow (4): Indicates use of an External Authentication server by Sterling B2B Integrator.\\n5. Arrow (5): Indicates use of LDAP by External Authentication server.\\nFor more information, see IBM Sterling Secure Proxy Planning and Installation  at:\\nhttp://help.sterlingcommerce.com/SSP34/index.jsp\\nIBM Sterling File Gateway integrati on with IBM Sterling Control Center\\nIBM Sterling Connect:Direct can be monitored by IBM Sterling Control Center, as shown in \\nFigure 3-7.\\nFigure 3-7   IBM Sterling File Gateway in tegration with IBM St erling Control Center/;#23/;#23/;#23 /;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23 /;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23 /;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23 /;#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##43Hd27e308598cf1f8bcf9e336036f3f448/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23/;#23#23#23/;#23#23#23#23#23#23#23/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##40He56442409eb2e77ad61dd1c271fabe6c\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##46H7a539460a8268e5915c0973dbb05dce1/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4CH2eb0c8ba15de4cce8fa3c169622f8e93/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23\\n/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##52H929f5141f4575eca8d5e4ef21356227f/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##43Hd27e308598cf1f8bcf9e336036f3f448/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##58Hb981034091b194e41ef5193e7127dfd3/##5BH40500acfd45bb67052e9c43dd051a0f4/;#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##52H929f5141f4575eca8d5e4ef21356227f/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##43Hd27e308598cf1f8bcf9e336036f3f448/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/g31/;#23#23#23#23#23#23#23#23#23#23#23#23/g32 /;#23/;#23/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##43Hd27e308598cf1f8bcf9e336036f3f448/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23/;#23/;#23/g33/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##40He56442409eb2e77ad61dd1c271fabe6c\\n/##46H7a539460a8268e5915c0973dbb05dce1/g34/g32/g35/;#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23/;#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/##46H7a539460a8268e5915c0973dbb05dce1/g34/g32\\n/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##43Hd27e308598cf1f8bcf9e336036f3f448/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/g36/;#23#23#23#23#23#23/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23\\n/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 62 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsFor more information, see the Monitoring with Ster ling Control Center  manual at this website:\\nhttp://help.sterlingcommerce.com/SB2BI52/topic/com.ic.customization.doc/SI_52_PDF/\\nSI52_SCC.pdf\\n3.3.2  IBM Sterling Connect:Direct\\nIBM Sterling Connect:DIrect provides a high performance file based information exchange solution. It can exchange high volume of files between several different platforms. IBM Sterling Connect:Direct is suitable for exchanging files of any sizes and any type that the underlying operating system supports. The number of files exchanged in a time period depends on the hardware resources available. IBM Sterling Connect:Direct can scale up to support larger amounts of data exchange without the need for an extensive reconfiguration.\\nIBM Sterling Connect:Direct is a peer-to-peer solution. An IBM Sterling Connect:Direct \\ninstance communicates to another IBM Sterling Connect:DIrect instance installed at any supported platform or to a Sterling Connect:Direct Server Adapter instance running under an IBM Sterling B2B Integrator.\\nIBM Sterling Connect:Direct supports the following features:\\n/SM590000File-based information exchange is assured: A proprietary protocol guarantees file \\nintegrity.\\n/SM590000Multi-sessions: Several sessions can take place with one or several remote IBM Sterling \\nConnect:Direct instances simultaneously.\\n/SM590000Security: Exchanges occurs integrated with the underlying Operating System security.\\n/SM590000Compression: Compressing data improves performance on low speed lines.\\n/SM590000Encryption: Guarantees authentication, data integrity, and confidentiality.\\nFor more information, see the IBM Sterling Connect:Direct Product Overview  manual at this \\nwebsite:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/Common/CDOver\\nview.pdf\\nIBM Sterling Connect:Direct also has integrations with two additional IBM products:\\n/SM590000WebSphere MQ File Transfer Edition\\n/SM590000WebSphere Message Broker\\nWebSphere MQ File Transfer Ed ition: Connect:Direct bridge\\nWebSphere MQ File Transfer Edition transfers files between systems in a managed and \\nauditable way, regardless of file size or the operating systems used.\\nY ou can use WebSphere MQ File Transfer Edition to build a customized, scalable, and \\nautomated solution that enables you to manage, trust, and secure file transfers. WebSphere MQ File Transfer Edition elim inates costly redundancies, lowers maintenance costs, and \\nmaximizes your existing IT investments.\\nWebSphere MQ File Transfer Edition is built on WebSphere MQ, which provides assured, \\nonce-only delivery of messages between applications. Y ou can take advantage of various features of WebSphere MQ. For example, you can use channel compression to compress the data that you send between agents over WebSphere MQ channels and use SSL channels to secure the data that you send between agents. Files are transferred reliably and can tolerate the failure of the infrastructure over which the file transfer is carried out.  Chapter 3. Connecting with your partners and managing your communication 63From Version 7.0.4 of WebSphere MQ File Transfer Edition, you can transfer files to and from \\nan existing IBM Sterling Connect:Direct network. Use the Connect:Direct bridge (Figure 3-8), which is a component of WebSphere MQ File Transfer Edition, to transfer files between WMQFTE and IBM Sterling Connect:Direct.\\nFigure 3-8   Connect:Direct bridge\\nInformation about “The Connect:Direct bridge” can be found at the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmqfte/v7r0/topic/com.ibm.wmqfte.doc/cd_b\\nridge_overview.htm\\nInformation about “Configuring the Connect:Direct bridge” can be found at the following \\nwebsite:\\nhttp://publib.boulder.ibm.com/infocenter/wmqfte/v7r0/topic/com.ibm.wmqfte.doc/cd_b\\nridge_configure.htm\\nWebSphere Message Broker: CD Nodes\\nWebSphere Message Broker support for IBM Sterling Connect Direct is introduced in WebSphere Message Broker 7.0.0.4 using APAR IC75621. More details about this APAR can be found at the following website:\\nhttp://www-01.ibm.com/support/docview.wss?uid=swg1IC75621\\nThis feature will also be released in WebSphere Message Broker V8. \\nY ou can use the CDInput node in any flow that is designed to accept files from a IBM Sterling \\nConnect:Direct network. Y ou can use the CDInput node to extend WebSphere Message Broker support for file processing through its integration with IBM Sterling Connect:Direct.\\nOn z/OS, when the CDInput node receives notification of the arrival of a dataset that it should \\nprocess, the node copies that dataset into UNIX System Services temporarily, prior to processing.\\n 64 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsThe CDInput node is contained in the File drawer of the palette, and is represented in the \\nWebSphere Message Broker Toolkit by the following icon (Figure 3-9):.\\nFigure 3-9   CDInput node\\nY ou can read more about CDInput node from the InfoCenter at the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/topic/com.ibm.etools.mft.d\\noc/bc14020_.htm\\nY ou can use the CDOutput node to serialize the message tree to a file and then transfer it \\nbetween two Connect:Direct servers. A directory under the work path within the execution group is used as the staging area, until the file is ready to be transferred.\\nAfter the file is transferred, it is deleted from the staging area. The CDOutput node is \\ncontained in the File drawer of the palette, and is represented in the WebSphere Message Broker Toolkit by the following icon (Figure 3-10):\\nFigure 3-10   CDOutput node\\nY ou can read more about CDOutput node from the InfoCenter at the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/topic/com.ibm.etools.mft.d\\noc/bc14015_.htm\\n3.3.3  IBM Sterling B2B Cloud Services\\nIBM Sterling B2B Cloud Services provide flexible  solutions and expert services to optimize \\ncustomers’ dynamic business network and reduce the time and complexity of securely integrating with 100% of their business partners.\\n Chapter 3. Connecting with your partners and managing your communication 65IBM Sterling File Transfer Service\\nIBM Sterling File Transfer Service is a cloud se rvice for file-based business interactions with \\ntrading partners. As an alternative to on-premise software, IBM Sterling File Transfer Service allows customers to manage a single, secure, reliable connection to the cloud to reach their partners without the capital expense associated with on-premise software or the operational impact on their IT staff.\\nThis offering fills a void in the portfolio by introducing a cloud servic e to replace on-premise \\nFTP and home-grown solutions for exchanging of large, multi-gigabyte files with B2B partners. The features of IBM Sterling File Transfer Service are listed in Table 3-2.\\nTable 3-2   Service features\\nCapability Description\\nStandards and \\nprotocolsProvides the following capabilities:\\n/SM590000Industry protocols: FTP , FTP/S, S/FTP , OFTP2 and AS2\\n/SM590000Utilize Zip to compress files\\nCentralized \\nmonitoring and \\nmanagementIBM Sterling InFlight Data Management visibility tool provides users: \\n/SM590000Reports and alerts for exception-based monitoring and event management\\n/SM590000Real-time views into file exchanges with trading par tners for all files tracked from start to finish\\n/SM590000Timely and accurate audit trails for all file transfer activity\\n/SM590000Mobile access to search, view and track transfers\\nSecurity and \\ngovernanceProvides the following capabilities:\\n/SM590000Connect to IBM Sterling File Transfer Service by a secure protocol, including IBM Sterling \\nConnect:Direct\\n/SM590000PGP encryption secu res files in-flight\\n/SM590000Single sign on user access\\n/SM590000Administrator IDs manage user access permissions and control screen level access\\n/SM590000Transfer logging provides a complete audit trail of file transfer activities\\nScalability IBM Sterling File Transfer Service scales with customers’ demand with minimal impact on their \\nresources and infrastructure:\\n/SM590000Flexible consumption models based on file sizes, volumes, and number of partners\\n/SM590000Process high volumes and large files within the capabilities for each protocol without \\ncompromising performance\\nFile transfer \\nautomationProvides the following capabilities:\\n/SM590000A single, secure connection with IBM Sterling File Transfer Service reaches partners\\n/SM590000Retry capabilities automate the repl ay and resend of failed transfers\\n/SM590000Intelligently route files based on sender, file name, and file type\\n/SM590000Protocol conversions in the cloud leverage partners’ existing protocols\\nOutsourced \\nservicesUse IBM skilled personnel to manage customer s’ B2B file transfer environment with:\\n/SM590000Onboarding services to support their trans ition to IBM Sterling File Transfer Service\\n/SM590000The geographical coverage, language support, availability and level of expertise to meet their \\nsupport needs, including phone, Web, and e-mail support\\n/SM590000Partner help desk services 66 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsIBM Sterling B2B Collaboration Network\\nIBM Sterling B2B Collaboration Network is a cloud platform for delivering B2B integration and \\nvisibility, enabling customers to rapidly conn ect, exchange, and ma nage business data with \\nglobal partners. It acts as the communicati ons link between customers and their business \\npartners, and offers a growing list of on-demand application services. \\nIBM Sterling B2B Collaboration Network processes a variety of B2B integration requirements, \\nprovides flexibility to support varying needs, and improves speed to market for a range of \\nhosted offerings, listed next:\\n/SM590000Exchange Services:\\nExchange Services enable customers to communicate securely with anyone, in any way, \\nregardless of protocols, data formats, and preferred communication methods. Each customer has a single point of connection for business exchanges with many business partners, regardless of the type of communications protocol or data format required by each business partner.\\n/SM590000Translation Services:\\nTranslation Services enable customers to communicate with trading partners in any of the \\nfollowing translatio n relationships:\\n– XML to EDI and EDI to XML\\n– Proprietary data to EDI or XML– EDI or XML to proprietary data– EDI to EDI (including EDI data routed as e-mail attachments)– Flat-file layout to flat-file layout\\n/SM590000Community Services:\\nCommunity Services interconnect to other networks and bridges to other exchanges and \\ncommunities. Additionally, web-based services  and fax services help customers integrate \\nexchanges with trading partners who do not have EDI systems. The following are the available Community Services offerings:\\n– IBM Sterling Web Forms\\n– IBM Sterling Fax Conversion Services– IBM Sterling Managed AS2 Gateway\\n– IBM Sterling Service Bureau for SWIFT\\n– IBM Sterling Community Development Services\\n/SM590000Visibility Services:\\nVisibility Services enable cust omers to see the process as t heir business data is routed \\nthrough IBM Sterling B2B Collaboration Network to and from their trading partners. These services improve strategic decision making with real time visib ility and alerts into \\ncustomers’ B2B operations. The following Vi sibility Services offerings are available:\\n– IBM Sterling Document Tracking\\n– IBM Sterling InFlight Data Management– IBM Sterling Report Visibility– IBM Sterling Supply Chain Visibility\\n/SM590000Application Services:\\nApplication Services provide specific industry and business functionality. The following \\nApplication Services offerings are available:\\n– IBM Sterling e-Invoicing\\n– IBM Sterling Transportation Management System– IBM Sterling Supplier Portal– IBM Sterling Data Synchronization Manager Chapter 3. Connecting with your partners and managing your communication 67IBM Sterling Web Forms\\nIBM Sterling Web Forms is a customizable website operated by IBM that enables customers’ \\ntrading partners to create and exchange business documents using the Internet. It helps customers integrate smaller trading partners, who do no t have EDI capabilities, into their \\nelectronic trading community.\\nTo replace paper business documents with electronic commerce, customers sponsor Web \\nForms communities that allow their smaller partners to receive, complete, and send electronic business documents from IBM Sterling Web Forms website. Web Forms communities function as follows:\\n/SM590000A Web Forms community consists of a large company that sponsors the service and its \\nsmaller business partners that are members of the community.\\n/SM590000The sponsor sends a data file, in either EDI or XML format, to IBM Sterling B2B \\nCollaboration Network, which routes the document to IBM Sterling Web Forms system. \\nWeb Forms translates the data format into the Web Forms proprietary format, and posts it on the Web Forms site for the member to retrieve.\\n/SM590000Members use a web browser to access the Web Forms site and complete an HTML-based \\ndocument, also called a Web Form.\\n/SM590000Sponsors use a browser to access the Sterling Web Forms administration site, where they \\ncan create messages for their members, generate reports about their community’s activity, change login information given to new members, and so on.\\n3.3.4  IBM Sterling Control Center\\nIBM Sterling Control Center provides centralized management, monitoring and notification for several IBM Sterling products: \\nIBM Sterling Control Center  monitoring and notification\\nIBM Sterling Control Center monitors operations on IBM Sterling products and issue real-time \\nnotifications in case any problem is detected,\\nSome benefits of IBM Control Center monitoring/notification functions are as follows: \\n/SM590000No processing exception goes undetected, thus preventing business impacts.\\n/SM590000It helps processing windows to be met.\\n/SM590000It avoids situations where a Service Level Agreement (SLA) is not respected.\\nHere are the main examples of the operations monitored by IBM Sterling Control Center:\\n/SM590000IBM Sterling Connect:Direct Server Status\\n/SM590000IBM Sterling Connect:Direct processes activities\\n/SM590000IBM Sterling Connect:Direct File Agent F ile Agent Service In itialization Error\\n/SM590000Process not submitted by File Agent within a time period\\n/SM590000IBM Sterling B2B Integrator Perimeter Server Status\\n/SM590000IBM Sterling B2B Integr ator Adapter Status\\n/SM590000IBM Sterling B2B Integrator Business Process activities\\n/SM590000IBM Sterling B2B Integrator AFT File Transfer Activities\\n/SM590000IBM Sterling B2B Integrator Sterling File Gateway (SFG) activities\\n/SM590000File Transfer Protocol (FTP) activities 68 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions/SM590000IBM Sterling Control Center can notify when an IBM Sterling Connect:DIrect Secure+ \\ncertificate is about to expire.\\n/SM590000IBM Sterling Control Center can notify when and IBM Sterling Connect DIrect license is \\nabout to expire.\\nFor more information, see the Sterling Integrator manual, Monitoring with Sterling Control \\nCenter, at this website: \\nhttp://help.sterlingcommerce.com/SB2BI52/topic/com.ic.customization.doc/SI_52_PDF/\\nSI52_SCC.pdf\\nIBM Sterling Control Center  Service Level Criteria \\nAnother important feature of IBM Sterling Control Center is the Service Level Criteria (SLC). \\nSLCs define an event that should occur in a time period. For instance, an IBM Sterling Connect:DIrect process is expected to be executed every Monday between 03:00PM and 04:30PM. If process execution does not occur in that time window, an SLC can generate a notification so that measures could be taken to fix the problem.\\nFor more information, see the IBM Sterling Control Center System Administration Guide  at \\nthis website:\\nhttp://www.sterlingcommerce.com/documentation/SCC53/PDF/SystemAdministration.pdf\\nIBM Sterling Control Center Notification \\nIBM Sterling Control Center notifications can be made available in the following ways:\\n/SM590000IBM Sterling Control Center consoles. There is  a local console, and remote consoles run \\nunder a web browser.\\n/SM590000SMTP (e-mails) can be sent to administration or operation users.\\n/SM590000SNMP traps can be sent to a suitable application.\\n/SM590000Emits JMS to IBM MQ Broker, which can be accessed by WebSphere.\\nEach user has restricted ac cess to some events only. © Copyright IBM Corp. 2012. All rights reserved. 69Chapter 4. Routing and transforming \\nmessages\\nThis chapter describes the components used to integrate message based routing and \\ntransformation in the scenarios demonstrated in Part 2, “Scenarios based on the proposed solution architecture” on page 101. In addition to describing the components used, we discuss recommended practices, alternative methods, and alternative products. \\nWe also describe how WebSphere Transformation Extender, WebSphere Message Broker, \\nWebSphere DataPower Appliance, and Sterling B2B Integrator can all work together to accomplish functional requirements to route, tr ansform, and translate messages from source \\nto target, regardless of the protocols and formats that make up the environment.\\nThis chapter includes the following sections:\\n/SM5900004.1, “What are the business requirements?” on page 70\\n/SM5900004.2, “Message based integration choices” on page 72\\n/SM5900004.3, “Product information” on page 744 70 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions4.1  What are the business requirements?\\nWhat a business requires in terms of transformat ion and routing is always based on the kind \\nof business being done. Requirements can depend on these factors:\\n/SM590000Nature of existing services\\n/SM590000Kind of data to be transferred\\n/SM590000Communication protocol\\n/SM590000Industry standards\\n/SM590000Business monitoring and intelligent routing\\nBefore we proceed further, we need to understand the meaning of mediation . Simply put, \\nmediation can mean either of the following types of intervention:\\n/SM590000An intervention in a dispute in order to resolve it\\n/SM590000An intervention in a process or relationship\\nIn the process of mediation, it  is required that the parties in volved are willing to communicate \\nand negotiate with each other. Then it becomes the responsibility for a mediator to enable \\nmediation between the involved parties.\\nIn a real world scenario, assume that some business is being conducted between Chinese \\nand American parties. The Chinese business representative only speaks and understands Chinese, and the American representative only speaks and understands English. For both of them to directly communicate with each other is next to impossible, so they would need a translator who can perform language translation or \\nmediation  between the two business \\nrepresentatives. Chapter 4. Routing and transforming messages 71Figure 4-1 illustrates the langua ge mediation task performed by the language translator.\\nFigure 4-1   Language mediation by translator\\nIf we replace business representatives by software services, which need to communicate with \\neach other for business integration, there is a need for a software mediation module to help integrate these business services. The mediati on module needs to enable this integration \\nwith the following features:\\n/SM590000Content transformation\\n/SM590000Communication protocol switching\\n/SM590000Message routing\\nFigure 4-2 illustrates the medi ation module components.\\nFigure 4-2   Software mediation module\\n 72 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsTo illustrate the responsibilitie s of the mediation module, we use an example of a simple \\nmediation that provides stock quotes. A client application provides a query containing a stock symbol and customer ID to the mediation module which processes the query. The customer\\'s subscription level is determined, and depending on the level of subscription, the query is routed to the appropriate service provider. The quote that is returned from the service provider is converted into the customer\\'s preferred currency before it is returned to the client application.\\nWe are using a mediation module because we want to use different interfaces from two \\nexternal service providers, and expose a single interface to the client application. We need to build the service quickly with the ability to c hange the application on  demand, and without \\nmodeling a business process. We also want th e ability to change the se rvice provider without \\ndisrupting the service. Figure 4-3 shows the complete mediation.\\nFigure 4-3   Stock quotes mediation module\\n4.2  Message based integration choices\\nIn this section, we discuss message based integration patterns. More details about these patterns can be found at the following websites:\\nhttps://www.ibm.com/developerworks/wikis/display/esbpatterns/Message-based+Integra\\ntion\\nhttp://www.ibm.com/developerworks/library/ws-enterpriseconnectivitypatterns/index.\\nhtml\\nMediation infrastructure can help an existing messaging infrastructure by providing an \\nenvironment for building and deploying “infrastructure level” message based “applications”. Examples of such “applications” include rout ing and transformation services. In a message \\noriented model, we are typically much more focused around the data that is flowing through the system and the set of actions that are applied to this in-flight data; that is, we have more of a producer-to-consumer view. While it is not an absolute distinction, this line of thinking can \\ninfluence the context in which we seek to apply each pattern listed next:\\n/SM590000Message router pattern\\n/SM590000Message translator pattern\\n/SM590000Message bridge pattern\\n/SM590000Message aggregator pattern\\n Chapter 4. Routing and transforming messages 73/SM590000Message splitter pattern\\n/SM590000Message request/response correlator\\n/SM590000Message router pattern\\nThe message router pattern can be used to provide a strong level of decoupling between \\napplications or services which need to exch ange data by enabling data sent from one \\napplication to be routed to one of several potential target applications based on various conditions.\\nContext-based routers select an appropriate target based on the identity of the sender or on \\nsome aspect of the data carried in a protocol header. Content-based routers make a selection based on the content of the message payload. Load-based routers use information about the application load on the various target systems.\\n4.2.1  Message translator pattern\\nThe message translator pattern allows data from one application to be mapped into the data format required by another application without either application being aware that such mapping is needed or taking place. This pattern covers anything from direct mapping to highly complex transformations possibly involving lookups and cross references.\\n4.2.2  Messaging bridge pattern\\nThe messaging bridge pattern maps data from one transport mechanism to another without modifying the format or content of the message payload. An implementation of this pattern must also handle the mapping between the different addressing schemes which might be used by the separate messaging systems.\\nA frequent example of the use of this pattern is the bridging between JMS implementations \\nfrom different vendors.\\n4.2.3  Message aggregator pattern\\nThe message aggregator pattern addresses the need to take multiple messages from one or more applications and merge them into a single piece of data to be propagated as a new message. The inbound messages can come from independent applications or an be asynchronous response messages from a set of applications which received requests from an implementation of the message splitter pattern (described below in “Message splitter pattern” on page 73).\\nAn implementation of this pattern can simply concatenate the individual source messages or \\ncan incorporate some mo re sophisticated set of data mapp ing capabilities. It must also be \\nable to handle the failure of an expected inbound message to arrive within a prescribed time period and the subsequent late arrival of this message.\\n4.2.4  Message splitter pattern\\nThe message splitter pattern extracts subsets of  a message which are then sent as separate \\nmessages to multiple target applications. A set of mapping rules define how the original inbound message is to be broken apart into constituent pieces. 74 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions4.2.5  Message request/ response correlator pattern\\nA typical message broker system is often processing multiple requests from the same stream \\nor queue in a parallel, asynchronous manner. When such requests are being routed to a further system (or systems), there is a requirement to correlate any response messages to the original request. The message request/response  correlator pattern provides a solution to \\nthis particular problem.\\n4.3  Product information\\nIn this section we discuss the IBM products used for routing and transforming the messages.\\n4.3.1  WebSphere Message Broker\\nWebSphere Message Broker is a platform-independent  based ESB that pr ovides universal \\nconnectivity. It can be used to integrate disp arate applications and is designed to transform \\nvarious formats of data between any type of applications using a number of supported communications protocols or distribution methods. It is used where there is a need for high-performance and complex integration patterns.\\nWebSphere Message Broker V8.0 offers simplicity and productivity in terms of developing \\nand managing the WebSphere Message Broker environment. WebSphere Message Broker plays a critical role in SOA and offers a wide range of SOA scenarios in which it can be integrated. The dynamic operational management of WebSphere Message Broker enables administrators to effectively understand and modify broker behavior, which thus enables them to respond quickly to business requirements. WebSphere Message Broker is supported on a large range of platforms and environments.\\nInstalling and configuring WebSph ere Message Broker V8 .0 is significantly simplified with the \\nremoval of the Configuration Manager, the User Name Server components, and the removing the requirement for a system database.\\nFor additional information about these changes, go to the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/topic/com.ibm.etools.mft.d\\noc/bb23110_.htm\\nProcessing logic in WebSphere Message Broker is implemented using message flows. \\nThrough message flows, messages from business applications can be transformed and routed to other business applications. Message flows are created by connecting nodes together. A wide selection of built-in nodes are provided with WebSphere Message Broker. These nodes perform tasks that are associated with message routing, transformation, and enrichment. The base capab ilities of WebSpher e Message Broker are enhanced by \\nSupportPacs that provide a wide range of additional enhancements. Chapter 4. Routing and transforming messages 75Message routing\\nRouting a message involves sending an incoming message to a destination that is based on a \\ncriteria. The destination can be predefined (static) or based on information that is obtained at the time of the message flow (dynamically). A common routing pattern includes a dynamic lookup of the destination based on the incoming message type and routing the message to that destination. This routing pattern typically consists of the steps shown in Figure 4-4.\\nFigure 4-4   A typical routing mechanism\\nPackaged with WebSphere Message Broker are a variety of nodes through which connectivity is provided for both standards and non-standards-based applications and services. Routing can be point-to-point or based on matching the content of the message with a pattern that is specified in a node. \\nAggregation is an advanced form of message routing. With aggregation, a request message \\nis received, and multiple new request messages are generated. Each new message is routed to its destination using a request-reply interaction. WebSphere Message Broker tracks the process, collecting each response and recomposing them into a single output message. \\nFigure 4-5 shows the nodes available in the WebSphere Message Broker palette for enabling \\nmessage based routing. \\nFigure 4-5   Routing nodes in WebSphere Message Broker\\nRouting can also be performed programmatically using Compute Node, Java Compute Node, PHP Node, and .Net Compute node. \\n 76 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsMessage transformation\\nOne of the key capabilities of WebSphere Message Broker  is the transformation and \\nenrichment of in-flight messag es. This capability enables bu siness integration without the \\nneed for any additional logic in the applications, for example, an application that generates messages in a custom format can be integrated with an application that only recognizes XML. This capability provides a po werful mechanism to unify or ganizations because business \\ninformation can now be distributed to applications that handle completely separate message formats.\\nIn WebSphere Message Broker, message transformation and enrichment are dependent \\nupon a broker understanding the structure and content of the incoming message. Self-defining messages, such as XML messages, contain information about their own structure and format. However, before other messages, such as custom format messages, can be transformed or enhanced, a message definition of their structure must exist. The WebSphere Message Broker Toolkit contains  facilities for defining messages to the \\nWebSphere Message Broker.\\nUsing parsers and message sets, WebSphere Message Broker can validate and check that \\nincoming messages comply with the format that is defined in the message set. A flow can be constructed to reject and handle non-compliant messages. Additionally, complex manipulation of message data can be performed using extended SQL (ESQL), Java, and PHP facilities, which are provided in the WebSphere Message Broker Toolkit.\\nWebSphere Transformation Extender can be integrated into the WebSphere Message Broker \\nESB solution to extend the exis ting capabilities and to simp lify transformation development.\\nApplications typically use a combination of messages, which includes those that are defined \\nby the following structures or standards:\\n/SM590000C and COBOL data structures\\n/SM590000Industry standards such as X12, ACCORD AL3, EDIFACT, SWIFT, EDI or HL7\\n/SM590000XML DTDs or schemas\\n/SM590000SOAP\\n/SM590000CSV\\n/SM590000IDoc\\n/SM590000User Defined\\nMediation flows must be able to transform a message from one format to another with \\nacceptable throughput. Messages in WebSphere Message Broker can be transformed using one of the following ways:\\n/SM590000Compute node (ESQL)\\n/SM590000XSLTransform node (Extensible Stylesheet Language Transformations)\\n/SM590000Mapping node (graphical)\\n/SM590000JavaCompute node (Java)\\n/SM590000Runtime message set and definition\\n/SM590000PHPCompute node (PHP)\\n/SM590000WebSphere TX node\\nAlong with the nodes in the \\nTransformation  tab, an additional WTX node is also available in \\nthe WebSphere Message Broker toolkit, after the IBM WebSphere Transformation Extender Design Studio is installed on the same development workstation. Figure 4-8 on page 80 illustrates the WebSphere TX  node in the WebSphere Message Broker toolkit. Chapter 4. Routing and transforming messages 77When a message arrives from a transport protocol wired to the message flow runtime, the \\nmessage bit stream is parsed using a phys ical format, such as XML. See Figure 4-6.\\nFigure 4-6   WebSphere Message Broker runtime architecture\\nWhen the message format is known, the broker parses an incoming message bit stream \\nusing the message set and definition that are defined on the flow configuration and converts it into a logical message tree for later manipulation. After the message is processed by the message flow, the broker converts the messag e tree back into a message bit stream. The \\ntransformation includes reformatting the message, concatenating the strings, or changing the element values.\\nThe following physical formats are supported by the broker run time:\\n/SM590000XML:\\nThis format is the default runtime configuration. The message structure is validated and \\ntransformed using the parser specification that is defined inside the message flow.\\n/SM590000Text (TDS):\\nThe Text or Tagged Delimited String (TDS) physical format is designed to model \\nmessages that consist only of text strings. Examples of TDS messages are those that conform to the ACORD AL3, EDIFACT, HL7, SWIFT, and X12 standards. The TDS physical format allows a high degree of fl exibility when defining message formats and is \\nnot restricted to modeling specific industry standards. Therefore, you can use the TDS format to model your own messages.\\n/SM590000Binary (CWF):\\nThe Binary or Custom Wire Format (CWF) is a physical representation of a message that \\nis composed of a number of fixed format data structures or elements, which are not separated by delimiters. The CWF physical format is typically used to describe messages that are mapped to a C structure, a COBOL copybook, or any other programming language data structure definition.\\nMessage set:  A message set can have one or more physical formats on each XML, TDS, \\nand CWF format. 78 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsWebSphere Message Broker typically supplies a range of parsers to parse and write \\nmessage formats. Some message formats are self-defining and can be parsed without reference to a model. An example of a self-defining message format is XML. In XML, the message itself contains metadata and data values, enabling an XML parser to understand an XML message even if no model is available.\\nMost message formats, however, are not self-defining. That is, a binary message that \\noriginates from a COBOL program and a SWIFT formatted text message do not contain sufficient metadata to enable a parser to understand the message. The parser must have access to a model that describes the message to parse it correctly.\\nTable 4-1 lists the supported parsers for WebSphere Message Broker.\\nTable 4-1   WebSphere Message Broker parsers\\nMessage models \\nMessage modeling is a way to predefine the message formats that applications use. \\nWebSphere Message Broker uses message models to automatically parse and write message formats.\\nThe components of a message model are as follows:\\n/SM590000 Message set projects\\n/SM590000 Message sets\\n/SM590000 Message definition files\\n/SM590000 Message categoriesParser name Parser description\\nMRM For modeling a wide range of messages, including XML, fixed-format binary, and \\nformatted text. This domain is usually used for enrichment of the message \\ntransformation; for example, creating COBOL copybook using CWF .\\nXMLNSC\\nXMLNS\\nXMLFor messages that conform to the W3C XML standard. The input bitstream must \\nbe a well-formed XML document that conf orms to the W3C XML specification. \\nXMLNSC is the preferred domain for generic XML messages, and messages using XML namespaces.\\nDataObject\\nIDOCUsed for messages going in and out of WebSphereAdapter nodes. The \\nDataObject parser parses the business objects  that are received from EIS. It is \\nguided by XML schemas that model the EIS business objects. IDOC is \\nimplemented by using the SAP BAPI and the IDoc SAP format.\\nMIME For handling multipart MIME messages, such as SOAP with attachments or \\nRosettaNet.\\nBLOB A parser that is used with messages that do not need to be interpreted in a \\nlogical message tree. The run time internally interprets the message as a BLOB bit stream. It is commonly used with me ssages that do not have a well-defined \\nelement tree structure, such  as the ISO8583 standard.\\nJMSMap\\nJMSStreamFor modeling messages that are produced by the implementations of JMS \\nstandard. JMSMap domain can be used when handling JMS messages of type \\nMapMessage. JMSStream domain can be used when handling JMS messages of type StreamMessage.\\nSOAP Creates WSDL-based logical tree format to work with Web Services and \\nvalidates incoming messages against a WSDL definition. Chapter 4. Routing and transforming messages 79The majority of the model content is described by message definition files. These files use the \\nXML schema to represent the messages. Each message definition file describes both the logical structure of the messages and the physical format or formats that describes the appearance of the message bit stream during transmission.\\nIf you are using the MRM domain, you must provide physical format information. This \\ninformation tells the MRM parser how to parse t he message bit stream. If you are using one of \\nthe XML domains, physical format information is not needed.\\nHowever, if your messages are self-definin g and do not require m odeling, there are still \\nadvantages to modeling them:\\n/SM590000Enhanced parsing of XML messages:\\nAlthough XML is self-defining, without a model all data values are treated as strings. If a \\nmodel is used, the parser knows the data type of data values and can cast the data accordingly.\\n/SM590000 Improved productivity when writing ESQL:\\nWhen you create ESQL programs for WebSphere Message Broker message flows, the \\nESQL editor can use message models to provide code completion assistance.\\n/SM590000Drag-and-drop message maps:\\nWhen you create message maps for WebSphere Message Broker message flows, the \\nMapping editor uses the message model to po pulate its source and target views. Without \\nmessage models, you cannot use the Mapping editor.\\n/SM590000More efficient way to implement websites:\\nPHP is a dynamic scripting language that is most frequently used to implement websites. \\nPHPCompute node provides th e ability to transform and ro ute messages in WebSphere \\nMessage Broker V8.0.\\n/SM590000Runtime validation of messages:\\nWithout a model, it is not possible for a parser to check that input and output messages \\nhave the correct structure and data values.\\n/SM590000Reuse of message models in whole or in part can be done by creating new messages \\nbased on existing messages.\\n/SM590000Automatic generation of documentation.\\n/SM590000Provision of version control and access control for message models by storing them in a \\ncentral repository.\\nTip: When creating output messages, the MRM parser can automatically generate the \\nXML declaration and other XML constructs based on options in the model, which simplifies the transformation logic. For more information about when to use MRM or XMLNS(C) domains, search on “Which XML parser should you use” in the WebSphere Message Broker Information Center at the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/index.jsp?topic=/com.ib\\nm.etools.mft.doc/ad70530_.htm 80 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsMessage transformation nodes\\nAfter a logical message structure is created, the implementing flow has full access to the \\nparsed elements inside of the message. In this sections, we describe the nodes that can be used to transform a message wit hin a mediation flow. Figure 4-7 illustrate nodes available in \\nWebSphere Message Broker palette to perform message transformation. \\nFigure 4-7   Transformation nodes in WebSphere Message Broker\\nFigure 4-8 illustrates the WTX Map node for message transformation. WTX Map node uses \\nWTX maps for message transformation. WTX maps can be deployed on execution group or can be used from an external location.\\nFigure 4-8   WTX Map node\\nUsing WTX nodes for tranformation:  There are multiple nodes available in WebSphere \\nMessage Broker for routing and transformation of business data. A list of these nodes was also discussed in 4.3.1, “WebSphere Message Broker” on page 74. \\nAs a best practice, it is recommended to use WTX node for tranformation, with WTX \\nIndustry standard packs. WTX offers multiple industry standard packs, for example:\\n/SM590000WebSphere Transformation Extender pack for ACORD\\n/SM590000WebSphere Transformation Extender pack for HL7\\n/SM590000WebSphere Transformation Extender pack for HIPAA\\n/SM590000WebSphere Transformation Extender pack for SEPA\\n/SM590000WebSphere Transformation Extender pack for EDIFACT\\n/SM590000WebSphere Transformation Extender pack for SWIFT\\n/SM590000WebSphere Transformation Extender pack for X12\\nTo read more details about WTX node, see the following websites:\\nWTX Map node overview:\\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r2m0/index.jsp?topic=/com.ibm\\n.websphere.dtx.wtx4wmb.doc/concepts/c_wtx4wmb_node_overview.htm\\nDesigning, developing, and deploying WebSphere Transformation Extender:\\nhttp://www.ibm.com/developerworks/websphere/library/techarticles/0907_gupta/090\\n7_gupta.html\\nChapter 5, “Health Insurance scenario” on page 103 illustrates usage of WTX node in \\nWebSphere Message Broker with WebSphere Transformation Extender pack of HIPAA.\\n Chapter 4. Routing and transforming messages 814.3.2  WebSphere Transformation Extender\\nWebSphere Transformation Extender is an Enterprise Application Integration tool used for \\ntranslation and transformation of messages from any source format to any target format, and allows messages from one or many sources to be translated and transformed to one or many targets at the same time. In this section, we discuss the WebSphere Transformation Extender products that we use to implement the scenarios in Part 2 of this book, as well as the methods and practices we used to implement the components of the solution where WebSphere Transformation Extender is deployed.\\nWebSphere Transformation Extender Design Studio\\nWebSphere Transformation Extender Design Studio  is the development tool used to design \\nand develop the maps used for transformation and translation tasks. We do not get into details of development, because the purpose of th is book is integration, but we do describe a \\nfew features of the Design Studio that accelerate development, testing, and delivery of the maps that you need in your solution.\\nAfter you have developed and tested your map on your local platform, you need to do \\npreliminary testing in the target  environment with your target integration software. The Design \\nStudio makes testing your map on the target very simple in the case of Sterling B2B Integrator and the WebSphere DataPower Appliance. WebSphere Message Broker requires more effort, because the ability to test on the br oker from the Design Studio is not built in.\\nTesting a map on the Sterling B2B Integrator server\\n“WebSphere Transformation Extender for Integration Servers” must be installed before you \\ncan execute a map on the Sterling B2B Integrator server. The Design Studio gives you the ability to test and deploy maps from  within Design Studio on the server as well, as long as you \\nhave “WebSphere Transformation Extender for Integration Servers” installed on the development platform in addition to the server. It is not required that you deploy a map to the server before you are able to test it on the server from Design Studio.  82 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsIn order to test or deploy a map from the Design Studio on the server where Sterling B2B \\nIntegrator is installed, you must first configure the connectivity settings for the Test Map service and the Check In map service in the Design Studio. These two services can share the same connectivity settings. It is done by navigating to Window \\uf0ae Preferences \\uf0ae \\nTransformation Extender \\uf0ae Map\\uf0ae Sterling B2B Integrator. (Figure 4-9). Y ou would then \\npopulate the information. If you need assistance on how to configure the Design Studio for the appliance, help is available by navigating to the WebSphere Transformation Extender help window.\\nFigure 4-9   WebSphere Transformation Ex tender Sterling B2B Integrator preference\\n Chapter 4. Routing and transforming messages 83After the configuration has been completed, you can then execute the map on the server from \\nDesign Studio by either right-clicking the executable map in the Composition or Outline view and then selecting Run on Sterling B2B Integrator or by clicking the executable map and \\nusing the key combination “Ctrl+Shift+R”. \\nY ou can deploy the map by performing the same steps as described for executing the map, \\nexcept that you would choose Deploy to Sterling B2B Integrator  or use the key combination \\n“Ctrl+Shift”D”. See Figure 4-10.\\nFigure 4-10   Test or deploy map on Sterling B2B Integrator server\\nTesting a map on the WebSphere DataPower Appliance\\n“WebSphere Transformation Extender for Integration Servers” is not required to be installed in \\norder to test or deploy maps on the WebSphere DataPower Appliance. The appliance ships with the runtime in the firmware, and the Design Studio has the ability to  test the map on the \\nappliance, and deploy to the appliance built in. Integration:  The integration of WebSphere Transformation Extender with the WebSphere \\nDataPower Appliance, discussed in this section, describes the integration available in \\nWebSphere Transformation Extender v8.3.x. \\nAt the time this book was written, WebSphere Transformation Extender v8.4.0 did not \\nexpose the WebSphere DataPower Appliance inte gration capability. In tegration similar to \\nwhat is discussed, along with extended capabilit ies, will be available in v8.4.x when v5.0 of \\nthe WebSphere DataPower Appliance is released.\\n 84 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsIn order to test or deploy a map on the WebSphere DataPower Appliance, you must configure \\nthe connectivity settings for the TX-Test XML Firewall Service and the XML Management Interface Service in the Design Studio. Y ou do it by navigating to Window \\uf0ae Preferences \\uf0ae \\nTransformation Extender \\uf0ae Map\\uf0ae DataPower. (Figure 4-11). Y ou then populate the \\ninformation. If you need assistance on how to configure the Design Studio for the appliance, help is available by navigating to the WebSphere Transformation Extender help window.\\nFigure 4-11   WebSphere Transformat ion Extender DataPower preference\\n Chapter 4. Routing and transforming messages 85After the configuration has been completed, you can then execute the map on the appliance \\nfrom the WebSphere Transformation Extender Design Studio. However, only maps built to be executed on the appliance can be tested this way.  The reason for it is that not all capabilities \\navailable on other server platforms are available on the appliance. Y ou build a map for the appliance by navigating to Map Settings and setting the “MapRuntime” attribute of the map to WebSphere DataPower through the drop-down list. See Figure 4-12.\\nFigure 4-12   Design Studio map setting to build map for WebSphere DataPower Appliance\\nAfter it is done, you would build the executable map as you normally would, and the build process would create a map specifically built to run on the appliance, with the extension .dpa. \\nAfter the map has been built, you can test it locally, test it on the appliance from the Design Studio, or deploy it to the applianc e. You test locally by selecting Run Locally  from the \\ncontext menu or by right-clicking the executable map in the Composition or Outline view. Selecting this option does not execute the map on the appliance. \\nY ou can test the appliance by clicking the normal Run icon after the map has been built for \\nthe appliance and the connectivity settings have been configured. Finally, you can deploy the map to the appliance by selecting Deploy to DataPower  from the context menu by \\nright-clicking the executable map in the Composition or Outline view. See Figure 4-13.\\n 86 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsFigure 4-13   Test or deploy map on the WebSphere DataPower Appliance\\nTesting a map on WebSphere Message Broker\\nThe Design Studio does not allow you to test from the designer on the target WebSphere \\nMessage Broker platform as it does for the WebSphere DataPower Appliance or the Sterling B2B Integrator server. However, like maps that execute on the Sterling B2B Integrator, maps intended to execute from WebS phere Message Broker will execut e as they do on the local \\nDesign Studio environment as long as the map has been built for the environment that hosts the broker. Unit testing a map on the broker is discussed in “Testing maps in a WebSphere Message Broker runtime environment” on page 88.\\nImporting data format definitions\\nAlong with the ability to execute maps on prac tically any platform, another of the most \\npowerful features of WebSphere Transformation Extender is the ability to represent any type \\nof message format through a type tree definition. \\nA type tree is the proprietary data definition structure used by WebSphere Transformation \\nExtender to parse inbound data, and to build outbound data. In order to expedite generation of type trees, WebSphere Transformation Exte nder Design Studio provides the ability to \\nimport many standard data definitions into type trees. Valid xml schema definitions can either be imported into type trees, or used natively to define input and output. It is recommended that native xsd be used unless additional data definition properties need to be defined that are not supported as native xsd, or you intend to process broken or illegal XML. \\n Chapter 4. Routing and transforming messages 87In addition to the WebSphere Transformation Extender type importers that allow you to import \\nthe formats shown in Figure 4-14, application specific importers are available as add-on components to support formats like SAP IDocs, SAP BAPI, SAP ALE, and more.\\nFigure 4-14   WebSphere Transfo rmation Extender Type Importers\\nWebSphere Transformation Extender  for Integration Servers\\nWebSphere Transformation Extender for Integration Servers allows WebSphere \\nTransformation Extender translat ion capabilities and components to be ready to deploy in \\nmessage flows, mediation flows, and business processes. WebSphere Transformation Extender complements the nativ e capabilities of these IBM pr oducts, and can process large \\ndocuments and messages with more complex formats that would prove more difficult using the native capabilities of th e products. Integration with the following IBM products are \\npackaged as WebSphere Transformation Extender for Integration Servers:\\n/SM590000WebSphere Message Broker \\n/SM590000Sterling B2B Integrator \\n/SM590000WebSphere Enterpri se Service Bus \\nWebSphere Transformation Extender Industry Packs\\nWebSphere Transformation Extend er Industry Packs provide out -of-the-box ca pabilities to \\nintegrate a range of industry standard data formats with your enterprise infrastructure. Industry packs enable developers to accelerate the delivery of transformation solutions by providing predefined type tree templates and conversion maps. In some cases they provide validation maps and tools to fac ilitate implementation in projects  that require conformance to \\nmandatory and advisory guidelines required by the regulatory body or industry service provider.\\n 88 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsWebSphere Transformation Extender Industry Packs used in conjunction with WebSphere \\nTransformation Extender provide organizations with an infrastructure with these features:\\n/SM590000Enables compliance with government and industry mandates.\\n/SM590000Controls administrative costs.\\n/SM590000Streamlines business processes.\\n/SM590000Facilitates accuracy and timeliness of information.\\n/SM590000Reuses existing business systems.\\n/SM590000Adapts to new technologies as they emerge.\\n/SM590000Integrates multiple systems and standards.\\n/SM590000Automates cross-organizational exchanges.\\nThe scenarios described in this book make use of the HIPAA EDI and the EDI X12 industry \\npacks.\\nHIPAA EDI \\nWebSphere Transformation Extender Pack for HIPAA EDI includes ready-to-execute template definitions for the complete ASC X12N standard for HIPAA including HIPAA 4010 and HIPAA 5010 addendum, as well as CMS (formerly HCFA) formats for legacy NSF , UB-92 Claims and Coordination of Benefits. The Pack features compliance validation checking, and handling of claims attachments. Also supports the Natio nal Provider ID requir ement and Clinical Data \\nArchitecture release 2.0 for claims attachments support.\\nHIPAA EDI addresses the administrative simplification aspects of HIPAA legislation - the \\nstandardization of electronic patient health, administrative, and financial data. HIPAA regulations affect payers, health plans, clearinghouses, and those providers who conduct financial and administrative transactions electronically.\\nIn the health insurance scenario discussed in Chapter 5, “Health Insurance scenario” on \\npage 103, located in Part 2 of this book, the HIPAA version 5010 type tree that enforces type 4 compliance that ships with the HIPAA EDI industry pack is used to define the inbound services eligibility request. In addition, the HIPAA compliance_check maps that ship with the \\npack are used to generate the negative acknowledgement for non-compliant messages.\\nEDI X12\\nWebSphere Transformation Extender Pack for X12 includes pre built definitions for the ASC X12 transaction sets. ASC X12 represents multiple business domains including finance, government, health care, insurance, and transportation.\\nIn the supply chain scenario discussed in Chapter 7, “Supply Chain scenario using AS2 and \\nEDI” on page 261, the X12 version 4010 type tr ee is used to represent the inbound purchase \\norder. In addition, the X12 compliance check maps that ship with the pack are used to generate the negative acknowledgement for non-compliant purchase orders.\\nMethods and practices\\nIn the following sections, we describe some common methods and practices for routing and transforming the messages. \\nTesting maps in a WebSphere Message Broker runtime environment\\nThere are times when you might want to test a map in the WebSphere Message Broker runtime environment without having to execute the entire message flow leading up to the map. It can be done by setting up a map test flow to invoke an executable map whose sole purpose is to execute other maps. Chapter 4. Routing and transforming messages 89This section discusses how to accomplish the testing. We assume that you have a basic \\nunderstanding of how to use the “RUN” map rule, and a basic understanding of runtime parameters that control the execution of WebSphere Transformation Extender maps.\\nThe “RUN” map rule is the means by which an executable map can invoke another executable \\nmap at runtime. “RUN” also allows for any runtime parameter, such as card overrides, audit switches, and trace switches to be at the time the “RUN” command is executed.\\nFrom the WebSphere Message Broker perspective, you need a simple message flow that \\nmonitors a test queue, and initiates the flow when a message is dropped onto the queue. The purpose of the flow is to take this message, and pass it to the map. The information in the message forces the map to execute the map you want to test. See Figure 4-15.\\nFigure 4-15   Map unit test flow\\nThe map that is executed by the broker is made up of one input card and one output card. For the purpose of this discussion, the input card is defined using an xml schema definition. The xml contains four attributes, as shown in Example 4-1 and Example 4-2:\\n/SM590000The map to run, including the path\\n/SM590000Command line options, including the audit and trace switches\\n/SM590000Input overrides, including the overrides for any input card\\n/SM590000Output overrides, including the overrides for any output card\\nExample 4-1   XML schema definition\\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\\n<xs:schema xmlns:xs=\"http://www.w3.org/2001/XMLSchema\">  <xs:element name=\"TestMapInfo\">    <xs:complexType>\\n 90 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions      <xs:sequence>\\n        <xs:element name=\"MapToRun\" type=\"xs:string\" />        <xs:element minOccurs=\"0\" name=\"CmdOptions\" type=\"xs:string\" />        <xs:element minOccurs=\"0\" name=\"InputOverride\" type=\"xs:string\" />        <xs:element minOccurs=\"0\" name=\"OutputOverride\" type=\"xs:string\" />      </xs:sequence>    </xs:complexType>  </xs:element></xs:schema>\\nExample 4-2   XML input data\\n<?xml version=\"1.0\" encoding=\"UTF-8\"?><TestMapInfo><MapToRun>C:\\\\map\\\\hipaa_270_2_xml.mmc</MapToRun><CmdOptions> -AE -TI </CmdOptions><InputOverride> -if1 C:\\\\data\\\\hipaa_270_5010a1.dat </InputOverride><OutputOverride> -of1 C:\\\\data\\\\output.msg </OutputOverride></TestMapInfo>\\nThe output card definition uses the type tree shown in Figure 4-16.\\nFigure 4-16   Type tree used for test map\\n Chapter 4. Routing and transforming messages 91After the broker flow delivers the message to the WebSphere Transformation Extender map \\nnode, the broker invokes the map that calls the map to be tested. This map takes the data passed in, and uses that data to set up the run command to call the map being tested. \\n/SM590000See the map rule used to execute the map passed into the flow in Figure 4-17 on page 91.\\n/SM590000See the input card definition for this map using the xsd from in Figure 4-18 on page 92. \\n/SM590000See the output card definition for this map using the type tree from Figure 4-16 on page 90 \\nin Figure 4-19 on page 93.\\nFigure 4-17   RUN map rule\\n 92 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsFigure 4-18   Input card\\n Chapter 4. Routing and transforming messages 93Figure 4-19   Output card\\nTrimming type trees\\nTrimming a type tree greatly improves the performance of parsing input of a WebSphere \\nTransformation Extender map. Trimming is normally done to type trees shipped with an industry pack. The reason is that industry pack type trees can include many versions and transactions that you do not use in your solution. \\nIf you execute a map with an untrimmed type tree, WebSphere Transformation Extender tries \\nto parse each and every transaction until it successfully parses the inbound message with the correct definition. By trimming the type tree, unnecessary attempts to parse data are avoided improving performance. Trimming a tree does not affect the output performance, but it minimally simplifies mapping, because unused types do not need to be mapped to “NONE”\\nY ou trim type trees using the WebSphere Transformation Extender Design Studio Type \\nDesigner. From inside the type designer, you select the types not needed and delete them from the type tree. Recommended practice is to make a copy of the original tree, and to trim the copy, keeping the original as it was when it was originally shipped.\\n 94 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsTo illustrate the result of trimming a type tree , see Figure 4-20, where we  take the type tree \\nhipaa_x12_type_4.mtt that ships with the industry pack and show it side by side with the type \\ntree hipa_x12_type_4_trimmed.mtt  used in Chapter 5, “Health Insurance scenario” on \\npage 103. \\nFigure 4-20   Comparing trimmed and non-trimmed type trees\\n Chapter 4. Routing and transforming messages 95Canonical data format\\nDuring the implementation of the scenarios in this book, we use the concept of a canonical \\ndata format. The purpose of the canonical data format is to provide a consistent format for data used for like purposes, which makes for easier expansion and maintenance in the future.\\nIn order to process the information sent to you by your trading partners, you need to \\nunderstand the format of the data they are sending. In a perfect world, all of your trading partners would send you data using the same format, and the application, or applications you use to process this information would accept the data without any changes. In other words, everyone would speak the same language. Unfortunately, that is seldom the case, even with the definition of industry standards for communicating information electronically, your trading partners might be sending data using the standard, but at a diff erent revision level, which still \\ncauses the same issues.\\nAdd to that, the fact that the information you receive is being used by more than one \\napplication. Each of those applications also expect the data to be in a different format, and you can have many translation processes that you need to build and maintain.\\nFigure 4-21 shows how complicated such a solution can be. It is an illustration of incoming \\ndata being sent using four different formats to three different applications. It also shows that each application creates a response in each format. In order to accomplish the requirements shown in Figure 4-21, Note that twenty-four translations would be required. Four source formats translated to three application formats would give you twelve translations, and then you would need to translate each of the three application formats back to the source formats in order to respond for 12 more formats, giving you a total of twenty-four translations.\\nNow suppose that one of the source formats is modified. To implement this change would \\nrequire you to change six translation processes. If an application format changed, it would require eight translation process changes. Adding a new source format would require six new translations, and adding a new application would require eight. As you can see, it would not \\ntake long before this type of point-to-point solution became very complex and burdensome. 96 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsFigure 4-21   Data translation without an intermediate canonical format\\nNext we look at implementing the same solution using a canonical data format as an \\nintermediate translation format. As you can see in 4.3.3, “WebSphere DataPower XB62 appliance” on page 99, the complexity is reduced dramatically. Now, instead of twenty-four translations there are fourteen; two each for the four source formats and the three application formats.\\nWhen one of the source or target formats changes, at most it affects two translations: the \\ntranslation to and the translation from the canonical format. Before it affected six or eight translations, depending on which format changed. If you add a new format or a new application, again it would only require two new translations.EDI\\nXML\\nCopybook\\nCustomNon-Canonical Integration – 24 Connection Points\\nApp1\\nApp2\\nApp3 Chapter 4. Routing and transforming messages 97Another advantage is that you would gain a deeper understanding of how to make changes, \\nbecause all data flows to or from the same format. It is why the approach used in the scenarios in this publication, as well as the recommendation for building transformation and translation within the enterprise service bus, is to make use of canonical data structures. As you can see, sometimes the canonical structure is either the target or the application format, in which case your work is cut in half.\\nFigure 4-22   Data translation with a canonical intermediate format\\nRecommended practices when  implementing WebSphere \\nTransformation Extender\\nBecause WebSphere Transformation Extender can be integrated with so many product \\nportfolios, recommended practices can vary based on the environment where it is being used. Some of the recommended practices that are discussed in the various scenarios covered in this book, such as “Canonical data format” on page 95 are not limited to use with WebSphere Transformation Extender. Other recommended practices discussed in this book, such as “Trimming type trees” on page 93, that make parsing more efficient, are recommended regardless of runtime environment.Canonical Integration – 14 Connection Points\\nApp1\\nApp2\\nApp3EDI\\nXML\\nCopybook\\nCustom\\n 98 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsIn order to access the WebSphere Transformation Extender recommended practices that best \\nmeet your needs, you need  to make use of the help facility that is included with your Design \\nStudio, the WebSphere Transformation Extender Online Library, if you have it installed on your workstation. Information can be found at the following websites:\\nIBM Developer Works articles:\\nhttp://www.ibm.com/developerworks/websphere/library\\nThe WebSphere Tranformation Extender product page:\\nhttp://www-01.ibm.com/software/integration/wdatastagetx/\\nThe IBM WebSphere Transformation Extender Developer Works Forum:\\nhttp://www.ibm.com/developerworks/forums/forum.jspa?forumID=829\\nA specific recommended practice that we discus s here is the use of the map rule function \\n“PUT” with the adapter alias “WIRE”. This map rule function is used in two of the scenarios discussed in part 2. The syntax for this map rule function is shown in Example 4-3. \\nExample 4-3   Using “PUT” with the “WIRE” adap ter alias in Message Broker and Sterling Business \\nIntegrator\\nPUT(adapter_alias, adapter_command, data_to_send_to_adapter)\\nPUT(“WIRE”, ”OutputTarget”, DATA) /* Sends data when map completes */PUT(“WIRE”, ”OutputTarget -NOW”, DATA) /* Sends data immediately */\\nUsing the “PUT” map rule function, as in this example, is valid with both WebSphere Message \\nBroker and in Sterling B2B Integrator. Although the purpose for using this map rule function is \\nthe same with both, the behavior of the map rule function differs between the two. \\nPUT(“WIRE”,....) is used when you want to sp lit a message up into individual parts to be \\nprocessed separately. The Financial Services  extended scenario, uses the PUT map rule \\nfunction with the “WIRE” adapter alias in a map invoked by WebSphere Message Broker, to split a message containing multiple payments records into individual payments records to be processed separately. The Health Insurance scenario in Chapter 5 converts an inbound HIPAA 837P message into an xml version of the message with each claim contained in its \\nown xml envelope to be processed individually. It is done using the PUT map rule function \\nwith the “WIRE” adapter alias within a map that is invoked by Sterling B2B Integrator. \\nWhen using the map rule function PUT(“WIRE”, “OutputTarget”, DATA) with WebSphere \\nMessage Broker, each execution of the PUT places  the DATA contained in the third parameter \\nof the command on the wire connected to the Output Terminal of the Map Node named in the second parameter of the command. Each individual instance of DATA is processed individually by the remainder of the message flow.\\nWhen using this same map rule function with Sterling Business Integrator, you must \\nsomehow differentiate the name defined in parameter 2, for each time PUT is invoked. It is normally done by concatenating an index and the second parameter together. It results in the creation of tags with the concatenated name referencing the DATA in parameter 3 of the map rule function. Failure to follow this practice resu lts in only the last inst ance of DATA passed by \\nthe third parameter of the map rule function being available upon completion of the map.  Chapter 4. Routing and transforming messages 99Example 4-4 shows the proper use of the PUT map rule when invoked from Sterling B2B \\nIntegrator, and an excerpt from ProcessData showing the result.\\nExample 4-5 shows the improper use of the PUT map rule when invoked from Sterling B2B \\nIntegrator, and an excerpt from ProcessData showing the result. \\nThe same HIPAA 837P , containing two claims, was used in both examples.\\nExample 4-4   Proper use of PUT w hen invoked by Sterling B2B Integrator\\nPUT(“WIRE”, “OutputTarget_”+FILLLEFT(Idx,”0”,3), DATA)\\n<ProcessData>  <PrimaryDocument SCIObjectID=\"572:2406457:135400a450b:scb104-5:node1\"/>  <output_document_001 SCIObjectID=\"629:2406473:135400a450b:scb104-5:node1\"/>  <output_document_002 SCIObjectID=\"732:2406479:135400a450b:scb104-5:node1\"/>  <WTX_MAP_EXECUTION_AUDIT_LOG_346995 SCIObjectID=\"366:2406482:135400a450b:scb104-5:node1\"/></ProcessData>\\nExample 4-5   Improper use of PUT when invoked by Sterling B2B Integrator\\nPUT(“WIRE”, “OutputTarget_”+FILLLEFT(Idx,”0”,3), DATA)\\n<ProcessData>  <PrimaryDocument SCIObjectID=\"572:2406457:135400a450b:scb104-5:node1\"/>  <output_document SCIObjectID=\"517:2406467:135400a450b:scb104-5:node1\"/><WTX_MAP_EXECUTION_AUDIT_LOG_346995 SCIObjectID=\"366:2406482:135400a450b:scb104-5:node1\"/></ProcessData>\\n4.3.3  WebSphere DataPower XB62 appliance\\nWebSphere DataPower B2B Appliance XB62 is  a purpose-built hardware B2B-enabled ESB \\nfor simplified deployment and ha rdened security with the ab ility to quickly transform data \\nbetween a wide variety of formats, including XML, industry standards, and custom formats. The device provides core B2B functions, including AS2 and AS3 messaging, partner profile administration, routing of electronic data inte rchange (EDI), XML, and binary payloads, auto \\narchiving and purging of B2B transactions, and B2B tr ansaction viewing capabilities. \\nThe ESB functions include routing, bridging, transformation, and event handling. Data \\ntransformation and validation features include native XML Schema and WSDL validation, XSLT-based transformations, any-to-any transformation using WebSphere Transformation Extender, DPA maps created in IBM WebSphere Transformation Extender Design Studio, and type trees from the HL7 Industry pack.\\nWebSphere DataPower XB62 appliance provides a reliable, performance-oriented solution to \\nmany integration challenges. Beca use it is not limited to handlin g just XML, it resonates with \\nIT organizations that need to benefit from the connectivity of SOA deployments but must also deal with managing a combination of multiple proprietary, industry, company-specific, and existing data formats.  100 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions4.3.4  Sterling B2B Integrator\\nSterling B2B Integrator enables the secure integration of complex B2B processes with diverse \\npartner communities. \\nIBM Sterling B2B Integrator offers perimeter security, gateway, and transformation engine in \\none product. It includes the following integration and transformation features:\\n/SM590000Multi-purpose data transformation engine:\\n– Traditional EDI: X12, EDIFACT, CII, TRADACOMS, and Verband der \\nAutomobilindustrie (VDA)\\n– XML standards: OAGi, CIDX, PIDX, and RosettaNet– Internet standards for B2B data exchange: RosettaNet RNIF , ebXML, 1SYNC, and \\nEBICS (France)\\n– XSLT service to transform XML documents\\n/SM590000WebSphere Transformation Extender translations support\\n/SM590000Graphic data mapping tool\\n/SM590000Virtually unlimited file size (up to 50 gigabytes)\\n/SM590000Validation of inbound and outbound data based on HIPAA rules defined for Level 1 – Level \\n/SM590000Intelligent (content -based) routing\\n/SM590000Interoperable with .Net 1.1/2.0, Axis 1.x/2.0, Xfire 1.2.6 and Java EES\\nThe various adapters and services that come with Sterling B2B Integrator can be employed in \\nthe routing and transformation of messages in many different ways. One of the most common is to use the Mailbox functions of Sterling B2B Integrator, in conjunction with Routing Rules, to move messages from one Mailbox to another. It allows trading partners to upload documents, which can be translated and then routed automatically to another Mailbox for another partner or internal system to retrieve and perform additional processing.\\nThe implementation of many of these routing functions can be simplified by using the Sterling \\nFile Gateway application. Sterling File Gateway also provides robust tools for viewing the documents or files, as well as the routing status of the messages in the application.\\nFor more information about the Mailbox functions of Sterling B2B Integrator, see the Mailbox \\noverview in the documentation at this website:\\nhttp://publib.boulder.ibm.com/infocenter/sb2bi/v5r2/nav/6_4.\\nFor detailed information about Sterling File Gateway, see the documentation for that product \\nat this website:\\nhttp://publib.boulder.ibm.com/infocenter/sfg/v2r2/index.jsp. © Copyright IBM Corp. 2012. All rights reserved. 101Part 2Scenarios based on the \\nproposed solution \\narchitecture\\nIn this part of the book, we describe four scenarios that demonstrate ways to integrate IBM \\nSterling and IBM WebSphere portfolio products. Each scenario implementation is discussed. Each implementation is executed using a different combination of products and/or product capabilities from the availa ble products in the IBM Ster ling and WebSph ere portfolios.Part 2 102 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions © Copyright IBM Corp. 2012. All rights reserved. 103Chapter 5. Health Insurance scenario\\nThis chapter demonstrates an example scenario that uses several different systems to \\nreceive, check, transform, and route a HIPAA EDI 837 Health Care Claim transaction. They then respond back to the source system  with an EDI 999 acknowledgement.\\nBecause we assume that the claim will be proc essed by an existing backend application or \\nprocess, our scenario ends when we deliver the request to the destination that performs this task.\\nBeyond the acknowledgement of the receipt of the message, this scenario does not present \\nthe integration required to deliver a response message back to the trading partner that generated the initial message. It is an extension to the scenario, which could be conceived and executed by the reader.\\nThis chapter includes the following sections:\\n/SM5900005.1, “Business value” on page 104\\n/SM5900005.2, “Prerequisites: Technical and infrastructure” on page 104\\n/SM5900005.3, “Presenting the healthcare scenario” on page 106\\n/SM5900005.4, “Configuring the scenario” on page 109\\n/SM5900005.5, “Testing the scenario” on page 165\\n/SM5900005.6, “Conclusion” on page 1765\\nTip: If you want to implement the scenario presented in this chapter in your own \\nenvironment, you can download the Project Interc hange file for the applications used in this \\nscenario from the ITSO FTP site. For download instructions, see Appendix A, “Additional material” on page 333. 104 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions5.1  Business value\\nDuring an interaction between a patient and a healthcare provider, there is a large amount of \\ndata that is collected and exchanged in order to provide the proper services for the patient. Much of the data collected can be shared with other entities, for any of various reasons:\\n/SM590000Patient encounter reporting\\n/SM590000Payment processing\\n/SM590000Plan eligibility\\n/SM590000Coordination of benefits\\n/SM590000Health care claim status\\n/SM590000Referral authorization\\nA very common need is to prepare and send the information relating to the encounter, and \\npossibly claim information, to an insurance company or other entity for reporting purposes or payment of the claim.\\nWhile this encounter or claim can be processed manually, with a worker preparing the \\ndocument manually and submitting it by mail to the entity requesting it, a much more time and cost effective approach would be to automate these requests, thereby eliminating much of the wait time for the information while also ensuring higher accuracy.\\nThe provider office could simply format the document according to a defined structure (such \\nas the HIPAA EDI 837), and then transmit this re quest electronically to the company or entity \\nproviding the benefits. The re ceiving company could then, using a composite system with \\nvarious points of integration, accept and process that message, and send back a response to the originating system to acknowledge the receipt of the message. This would cut down on manual processing steps, reduce the wait time, and help eliminate errors in the request.\\nWe explore an example solution to this scenario in this chapter, demonstrating how various \\nproducts can be integrated to provide a seamless and high performance solution for processing these requests.\\n5.2  Prerequisites: Technical and infrastructure\\nThere are prerequisites both in order to fully understand the scenario and to successfully implement it in your own infrastructure.\\n5.2.1  Software prerequisites\\nIn order to be able to run this scenario, you must have the following components installed:\\n/SM590000Sterling Secure Proxy v3.4\\n/SM590000Sterling B2B Integrator v5.2.3\\n/SM590000Sterling File Gateway v2.2.3\\n/SM590000WebSphere MQ v7.0.1.5\\n/SM590000WebSphere Message Broker version v8.0.0.0\\n/SM590000WebSphere Transformation Extender Design Studio v8.4\\n/SM590000WebSphere Transformation Extender for Integration Servers v8.4\\n/SM590000WebSphere Transformation Extender Pack for HIPAA EDI v4.4.0 Chapter 5. Health Insurance scenario 105Figure 5-1 illustrates the configuration of the en vironment used to implement this scenario, \\nand represents the systems of the fictitious company “ITSOHealthcare Corporation.” \\nFigure 5-1   System confi guration for ITSOHealthcare\\nFor the purposes of this scenario, we use five servers: \\n/SM590000The first server is in the DMZ and has Sterling Secure Proxy installed. \\n/SM590000The second server has Sterling B2B Integrator and Sterling File Gateway. \\n/SM590000The third server has an IBM DB2® database instance installed to support Sterling B2B \\nIntegrator. \\n/SM590000The fourth and fifth servers are load balan ced backend ESB integration servers and have \\nWebSphere Message Broker and WebSphere Transformation Extender installed in them.\\nServers two, four, and five also have WebSphere MQ for communication between the Broker \\ncomponents and also Sterling B2B Integrator integration.\\n5.2.2  Skills prerequisites\\nTo fully implement and understand this scen ario, you must be familiar with these tasks:\\n/SM590000Configuring Sterling Secure Proxy to communicate with Sterling B2B Integrator\\n/SM590000Configuring Sterling B2B Integrator to receive and process AS2, X12 and HIPAA \\nmessages\\n/SM590000Configuring Sterling File Gateway to receive, handle, and route messages\\nITSOHealthcare Corporation\\nSystem Configurations\\nServer 1\\nssp01.itso.ibm.comServer 4/5\\nesb01.itso.ibm.com\\nesb02.itso.ibm.comServer 3\\ndb201.itso.ibm.com\\nDB2 \\nDatabase\\nDMZSecureSterling \\nSecure ProxySterling B2B \\nIntegrator\\nSterling File \\nGatewayServer 2\\nb2b02.itso.ibm.com\\nMQ\\nWebSphere\\nMQ\\nWebSphere\\nMessage \\nBroker\\nWebSphere\\nTransformation \\nExtender\\nWebSphere\\nMQWebSphere\\nTransformation \\nExtender 106 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions/SM590000Configuring either Sterling File Gateway or Sterling B2B Integrator to move messages to a \\nWebSphere MQ queue\\n/SM590000Configuring WebSphere MQ infrastructure\\n/SM590000Configuring WebSphere Transformation Extender to check messages for compliance and \\nto transform them into a format for the backend system\\n/SM590000Configuring WebSphere Message Broker infrastructure and develop message flows\\n5.3  Presenting the healthcare scenario\\nIn this section, we provide an overview of our health care scenario. For this particular \\nscenario, we implement a process flow where a Health Care Claim (HIPAA EDI 837) is \\nreceived by our fictitious company, which is named “ITSOHealthcare Corporation” for the purpose of this scenario. As part of the process, we receive the file, check it for compliance, and respond back to the originator with an acknowledgement.\\nAs shown in Figure 5-2, the scenario is composed primarily of the inbound flow, where the \\nmessage is moved through the various components of the solution, on its way to the eventual destination in a backend application. There are some components of the outbound flow that are incorporated, but for the sake of clarity, we are focusing on the integration of the various systems that are working with the inbound message.\\nFigure 5-2   Overall process flow, both inbound and outboundMai lboxFile \\nGateway\\nIn QueueProducer \\nSystem\\nSSP\\nBackend \\nAppWTX \\nBackend \\nTran sfor m\\nInternet\\nOut \\nQueueDMZSecure\\nAck nowle dgementSBI\\nWMBDeenvelope\\nGenerate \\nAck\\nWTX \\nCompliance \\nCheckWTX \\nCanonical  \\nTransfo rmOutput to \\nWMB Chapter 5. Health Insurance scenario 107There are two primary areas of the inbound process, and then the rudimentary outbound flow. \\nWe look at each in more de tail in the following sections.\\n5.3.1  Inbound flow part 1: St erling Secure Proxy/Sterling B2B \\nIntegrator/Sterling File Gateway\\nFigure 5-3 shows the first part of the flow, which begins with the producer system creating the \\nmessage, and ends with the message being routed out of Sterling B2B Integrator.\\nFigure 5-3   Part 1 of the inbound flow\\nThe flow begins in the partner’s system, where a HIPAA EDI 837 message is generated as part of the health care claim request on the behalf of a client. The partner’s system would then transmit this message by public networks, and it would be received in the DMZ by Sterling Secure Proxy (SSP). \\nAfter SSP reviews the message, an d determines that it  is allowed into the Secure zone, it \\nthen passes the message on to Sterling File Gateway (SFG) for routing. SFG interrogates the message to ensure that it contains a valid transaction for that particular partner, and it then routes that message into a mailbox for further processing. \\n 108 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsWhen the message is received in the mailbox, th e Sterling B2B Integrator system then begins \\nthe processing of the message. It extracts th e message from the mailbox, and then calls the \\nservice that de-envelopes the message. De-enveloping the document generates the acknowledgment for the partner, which is routed back to them as part of the outbound flow.\\nWhen the de-enveloping occurs, it calls a WebSphere Transformation Extender map, which \\nchecks the message for compliance with the EDI standards in use. If it passes the compliance check, it then calls another WebSphere Transformation Extender map, which converts the message from the current format into the canoni cal format for additional processing. As part \\nof this processing, the system generates one message per claim in the document.\\nAs the final step in this portion of the proc essing, Sterling B2B Integrator then places the \\nresulting messages onto a WebSphere MQ queue for that processing.\\n5.3.2  Inbound flow part 2: WebS phere Message Broker/WebSphere \\nTransformation Extender\\nFigure 5-4 demonstrates the second portion of the flow. It begins with the messages being \\nplaced into the WebSphere MQ queue, and ends with the final message arriving in the backend application.\\nFigure 5-4   Part 2 of the inbound flow\\n Chapter 5. Health Insurance scenario 109After Sterling B2B Integrator completes the de-enveloping and preliminary transformation of \\nthe messages, it places them into the In Queue for WebSphere Message Broker (WMB).\\nUpon arriving on the queue, WebSphere Message Broker then calls a WebSphere \\nTransformation Extender node, to convert the message from the current canonical format into a format that is compatible with the existing backend application.\\nAfter this transformation is complete, WebSphere Message Broker then moves the message \\ninto the Out Queue. This queue feeds the message into the backend application for additional processing.\\n5.3.3  Outbound flow\\nAs mentioned earlier, the outbound, or return, flow is simplified in this scenario to concentrate on the integration of the various components as they move and process the inbound message. However, the simple outbound portion, as depicted, should be reviewed.\\nAfter the receipt of the message into Sterling B2B Integrator, the message is de-enveloped, \\nand as part of this process, Sterling B2B Integrator generates an acknowledgement (in this case, an EDI 999). It is routed back to the partner to demonstrate that the message was successfully received, as well as any compliance errors generated.\\nEventually, the backend application can be expected to generate a response to the \\nmessages, which need to be routed back to the partner. This return message needs to be processed through a similar flow (although in reverse). As it is out of the scope of the current scenario, we leave the conceptualization of this more detailed outbound flow to the reader.\\n5.4  Configuring the scenario\\nIn this section, we look at an overview and then a detailed description of how we configure this Healthcare Integration scenario. In this scenario, we configure our various products to accept an inbound HIPAA EDI 837 Health Care Claim request by AS2. We route the resultant message through Sterling File Gateway. Then we use Sterling B2B integrator, WebSphere MQ, WebSphere Message Broker, and WebSphere Transformation Extender to prepare that message for processing in the existing backend system.\\n5.4.1  Scenario outline\\nFor simplicity, we use the fo llowing fictitious companies:\\nITSOHealthcare Corporation:  The company for which this integration scenario is being \\nimplemented. It is a large healthcare company that receives and processes Health Care Claim (HIPAA EDI 837) requests from its partners.\\nITSORetail Corporation:  An external trading partner that is generating a Heatlh Care Claim \\n(HIPAA EDI 837) request for one of their clients. In this case, this external partner is using software that accepts the created message and transmits it over AS2 to the systems of our \\nhealthcare company. 110 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsHere is a list of the steps to be perf ormed in configuring this scenario.\\n1. Configure Sterling Secure Proxy.\\n2. Configure AS2 in Sterling B2B Integrator.\\n3. Configure Sterling File Gateway.4. Configure message processing in Sterling B2B Integrator.\\n5. Configure WebSphere MQ.\\n6. Configure WebSphere Transformation Extender.7. Configure WebSphere Message Broker.\\n5.4.2  Scenario implementation\\nIn all of the following steps, we assume that the application in question has been successfully \\ninstalled and tested to ensure that it functions properly and that a nominal performance configuration has been put in place for each to accommodate the anticipated processing load.\\nFor detailed information about inst alling the applications, see the Installation Guide  and/or the \\nPerformance Tuning Guide  (if applicable) for each of the products.\\nStep 1: Configure St erling Secure Proxy\\nTo prepare Sterling Secure Proxy for use in this scenario, the following tasks must be \\nperformed:\\n/SM590000Configure a Policy\\n/SM590000Configure a Netmap\\n/SM590000Configure an HTTP Adapter\\nFor the purposes of configuring Sterling Secure Proxy, it should be noted that our AS2 \\nconnection is not seen as any different than any other HTTP communications. Thus, we configure the various components as we would any other HTTP session.\\nFor more information if required, see the documentation for Sterling Secure Proxy:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/SSP/SSP.html\\nIt contains comprehensive details on configuring the application for common usage tasks. \\nWe now review each of these steps in detail for this scenario.\\nConfigure a Policy\\nUse the following procedure to define a Policy for our HTTP connection.\\n1. Log into the user interface for Sterling Secure Proxy.2. Select Configuration  from the menu bar and then select Actions \\uf0ae New Policy \\uf0ae HTTP \\nPolicy . Chapter 5. Health Insurance scenario 1113. Select a name for the new Policy, and then click Save . Figure 5-5 shows an example of the \\nPolicy created for this example.\\nFigure 5-5   Creation of the Policy in Sterling Secure Proxy\\nConfigure a Netmap\\nAfter we have created our new Policy, we must then create a Netmap. The Netmap defines the inbound connection information from the external trading partner, and the outbound connection information in order to communicate with Sterling B2B Integrator. These values are stored in the Netmap, and in turn, this Netmap is associated with both a Policy and an HTTP Adapter.\\nUse the following procedure to create a Netmap.\\n1. Log into the user interface for Sterling Secure Proxy.\\n2. Select Configuration  from the menu bar and then select Actions \\uf0ae New Netmap \\uf0ae \\nHTTP Netmap . \\n3. Enter a name for the Netmap.4. To define an inbound node definition, select the Inbound Nodes  tab and click New. \\n5. Specify the following values:\\n– Inbound Node Name\\n– Peer Address Pattern– Policy \\n6. Click OK.\\n7. To define an outbound node definition, select the Outbound Nodes  tab and click New.\\n8. Specify the following values:\\n– Outbound Node Name\\n– Primary Destination Address – Primary Destination Port \\n 112 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions9. Click  OK. \\n10.Click Save .\\nFigure 5-6 shows the creation of the inbound node for the new Netmap.\\nFigure 5-6   Details of the inbound node in the Netmap\\n Chapter 5. Health Insurance scenario 113Figure 5-7 shows the creation of the outbound node for the new Netmap.\\nFigure 5-7   Details of the outbound node in the Netmap\\nConfigure an HTTP Adapter\\nAfter the Policy and Netmap are created, the last step in configuring Sterling Secure Proxy is \\nto define the HTTP Adapter to use in our scenario.\\nIn Sterling Secure Proxy, the HTTP Adapter definition specifies the information necessary for \\nHTTP connections both to and from the application.\\nUse the following procedure to define the HTTP Adapter for this scenario.\\n1. Login to the Sterling Secure Proxy user interface.2. Select Configuration  from the menu bar and then select Actions \\uf0ae New Adapter \\uf0ae \\nHTTP .\\n3. Specify the proper values for the following items:\\n– Adapter Name\\n–L i s t e n  P o r t–N e t m a p– Standard Routing Node–E n g i n e\\n4. Click Save .\\n 114 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-8 shows our HTTP Adapter configured for this scenario.\\nFigure 5-8   Configuration of the HT TP Adapter in Sterling Secure Proxy\\nAfter we complete the creation of the Policy, the Netmap, and the HTTP Adapter, we can then \\nmove on to the configuration of Sterling B2B Integrator.\\nStep 2: Configure AS2 in  Sterling B2B Integrator\\nTo prepare Sterling B2B Integrator for this scenario, the following tasks must be performed:\\n/SM590000Configure the certificates for the Organization and AS2 Partner.\\n/SM590000Configure the AS2 Organization.\\n/SM590000Configure the AS2 Trading Partner.\\n/SM590000Create the AS2 Trading Relationship.\\n/SM590000Test the AS2 Setup to ensure that it functions correctly.\\nThe Sterling B2B Integrator documentation contains much more detail about configuring the \\napplication for AS2 communications. For full information about setting up AS2 in particular, see the “Standards Library Using AS2” sections of the Sterling B2B Integrator documentation:\\nhttp://help.sterlingcommerce.com/SB2BI52/topic/com.ic.customization.doc/SI_52_PDF/\\nStds801_Using_AS2.pdf\\nNext we detail each of these steps for our scenario.\\nConfigure the certificates for the Organization and AS2 Partner\\nFor AS2 communication to occur, the trading partners need to create and exchange digital \\ncertificates.\\nWe must create the key certificate, and then share that certificate with our trading partner to \\nallow them to decrypt the AS2 messages that we intend to transmit to them. There are many ways to create this certificate, both in Sterling B2B Integrator and through the Sterling Certificate Wizard.\\n Chapter 5. Health Insurance scenario 115For this scenario, we generate a simple self-signed certificate, and then present that to our \\ntrading partner as the key certificate for communications. In most real life situations, we would be using an actual CA certificate which must be checked into Sterling B2B Integrator, and also shared with the partner.\\nOur trading partner, in this case the fictitious ITSORetail Corporation, is also required to \\nsupply us with their certificate to check into the Trusted store in Sterling B2B Integrator.\\nWhen we have the certificate from the partner, we need to save it to a location we can reach \\nfrom the server, and then navigate to Trading Partners \\uf0ae Digital Certificates \\uf0ae Trusted  in \\nthe Sterling B2B Integrator dashboard. Select Check In New Certificate , provide the \\nrequired information, and then save the certificate to the Trusted store.\\nFigure 5-9 shows the summary for the certificate used in this example.\\nFigure 5-9   Configuration of the Trusted Cert ificate provided by ITSORetail Corporation\\nIn this example, we are not actually using any certificates generated by a certificate authority. \\nAll of the certificates in use have been generated by Sterling B2B Integrator itself, which is sufficient for presenting this scenario and demonstrating the AS2 communications.\\n 116 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsConfigure the AS2 Organization\\nAfter the certificates have been created, exchanged, and checked in, we must now create our \\nOrganization. The Organization represents the internal group that is receiving and sending AS2 messages, and we must provide information about our fictitious ITSOHealthcare Corporation to configure the Organization.\\nTo simplify the creation of the Organization, as well as the Trading Partner and Relationship, \\nSterling B2B Integrator has an AS2 Wizard that you can use to create and configure the proper values. This wizard properly creates the required profiles, identities, transports, channels, packaging, business processes, and schedules to implement AS2. All of these items can be manually configured from the respective menu choices in the Sterling B2B Integrator dashboard, but using the AS2 Wizard can greatly simplify these tasks.\\nTo reach the AS2 Wizard, log into the Sterling B2B Integrator dashboard and navigate to \\nTrading Partner \\uf0ae AS2 . To create the Organization, select Create New AS2 partner or \\norganization  on the first option screen that is displayed. We must select Organization , \\nbecause the system does not allow us to create a Partner until we have created an Organization.\\nFigure 5-10 shows the settings for the Organization created for ITSOHealthcare Corporation.\\nFigure 5-10   Configuration of the ITSO Healthcare Corporation AS2 Organization\\n Chapter 5. Health Insurance scenario 117Configure the AS2 Trading Partner\\nAfter the Organization is created, we must now create a Trading Partner for AS2.\\nAgain, log into the Sterling B2B Integrator dashboard, and navigate to Trading Partner \\uf0ae \\nAS2. We again select Create New AS2 partner or organization . This time, however, on the \\nfirst option screen, we select Partner  as the type of Profile we are creating.\\nFill out the required fields, incl uding the certificate that was received from the partner and \\nchecked into Sterling B2B Integrator.\\nFigure 5-11 shows the configuration for the ITSORetail Corporation Profile.Tip: In this simple example, we are using the same certificate for the exchange and the \\nsigning, and we have le ft the email informati on blank. These would normally be filled out for \\na real Organization, to allow them to receive notifications from Sterling B2B Integrator. 118 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-11   Configuration for the AS2  Profile for ITSORetail Corporation\\nNote that the Profile is using the Trusted certificate we checked in earlier, and that the End \\nPoint is configured for the delivery of messages. It is a fictitious IP address for the purposes of \\nthis example.\\n Chapter 5. Health Insurance scenario 119Configure the AS2 Trading Relationship\\nIn order to link the Organization with the Partner, we must now create a Relationship between \\nthem. In Sterling B2B Integrator, there can be multiple Organizations and multiple Partners, and the Relationship defines the linkage between them.\\nLog into the Sterling B2B Integrator dashboard, and navigate to Trading Partner \\uf0ae AS2  and \\nselect Create New AS2 trading relationship .\\nFor the purpose of this scenario, it is particularly important to select mailboxes as the storage \\ntype of the inbound and outbound AS2 messages. It ensures that we are able to use Sterling File Gateway for routing of the messages after they are received by Sterling B2B Integrator and placed in the proper mailbox.\\nFigure 5-12 shows the configuration screen where the option is presented to select mailboxes \\nto store the AS2 messages.\\nFigure 5-12   Screen to configure mailbox storage of AS2 messages\\n 120 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-13 shows the screen where we can change the mailboxes that are used by Sterling \\nB2B Integrator for storing these messages. When using AS2 messages with Sterling File Gateway, it is best to accept the default locations.\\nFigure 5-13   Selection of the mailboxes for the Relationship\\nTest the AS2 Setup to ensure that it functions correctly\\nAfter the Organization, Partner and Relationship have been created, we can then test the AS2 communications between Sterling B2B Integrator and the trading partner.\\nLogin to the Sterling B2B Integrator dashboard, and navigate to  Trading Partner \\uf0ae AS2 . \\nSelect Search Relationships , and enter the values to search on, which in this case would be \\n“ITSOHealthcare” for the Organization and “ITSORetail” for the Partner. On the Summary screen that is displayed, there is a test icon displayed under the Select heading.\\nFigure 5-14 shows an example of this screen for the Organization and Partner in this \\nscenario.\\n Chapter 5. Health Insurance scenario 121Figure 5-14   Summary screen after searching for Relationship\\nClicking the test icon initiates a communications test with the pa rtner, and confirms that our \\ntrading relationship has been configured correctly and is functioning normally. If any errors are encountered, we must go back and correct them before proceeding to the next step.\\nFigure 5-15 shows an example running this test with the partner. Note that the last step, the \\nreceipt of the MDN, failed. It is an example of a failure that would need to be corrected before the partner could exchange messages.\\nFigure 5-15   Example of the results when testing an AS2 partner configuration\\nThis concludes the setup for Sterling B2B Integrator for AS2 communications. We now move on to Sterling File Gateway.\\nStep 3: Configure Sterling File Gateway for routing\\nTo prepare Sterling File Gateway for this integration scenario, the following tasks must be \\nperformed:\\n/SM590000Configure the Community\\n/SM590000Configure the Partner\\n/SM590000Configure the AS2 Partners Group\\n/SM590000Create the Routing Channel Template for AS2 Inbound\\n/SM590000Create the Routing Channel Template for AS2 Outbound\\n/SM590000Create the Route Channel for AS2 Inbound\\n/SM590000Create the Route Channel for AS2 Outbound\\n 122 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsNext we look at each of these tasks in detail.\\nConfigure the Community\\nThe first step in configuring Sterling File Gateway is to configure the community to be used for \\nthe fictitious ITSOHealthcare Corporation. This community is used as a way of organizing all trading partners into a logical grouping, which can speed up the onboarding process for the partner. In addition, the community can also be used to help define the protocols and methods used by those partners.\\nUse the following procedure to create the community used in this scenario.\\n1. Login to the Sterling File Gateway dashboard.\\n2. Navigate to Participants \\uf0ae Communities .\\n3. Under the Select  menu, select the link to add a new community.\\n4. Enter the name for the community, and select the options for the partner both initiating and \\nlistening for protocol connections. \\nFigure 5-16 shows the community created for “ITSOHealthcase Corporation.”\\nFigure 5-16   Sterling File Gateway Community for ITSOHealthcare Corporation\\nNote that this community is showing a Custom Protocol for WebSphere MQ FTE. There is \\nanother option for configuring this scenari o, which we discuss in more detail later.\\n Chapter 5. Health Insurance scenario 123Configure the AS2 Partner\\nThe configuration of the AS2 Partner, in this case “ITSORetail Corporation,” is done through \\nthe normal Sterling B2B Integrator dashboard, and is described in detail in the previous step.\\nThere are two important considerations when creating this partner:\\n/SM590000Ensure that the partner is configured to use mailbox storage of the AS2 messages to allow \\nSterling File Gateway to route them.\\n/SM590000Ensure that the AS2 partner is using the default mailboxes for the storage of the \\nmessages, which simplifies the configuration of the routing channel template.\\nThere is one additional task that needs to be completed. When an AS2 partner is created, \\nthere is a corresponding user created in Sterling B2B Integrator. This user must be added to the File Gateway Partners Users group.\\n1. Login to the Sterling B2B Integrator dashboard. \\n2. Navigate to Accounts \\uf0ae User Accounts  and search for the user that corresponds to the \\npartner. In this scenario, this would be “ITSORetail.”\\n3. Edit this account, and on the Groups page, add File Gateway Partner Users, and then \\nsave the changes.\\nFigure 5-17 shows this group added for our “ITSORetail” AS2 partner.\\nFigure 5-17   Adding the File Gateway Partner Users group to the AS2 partner user\\nAn important fact to remember is that the AS2 partner must continue to be configured with \\nSterling B2B Integrator, rather than managed in Sterling File Gateway. Hence, any changes to the profile would need to be done from the Sterling B2B Integrator dashboard.\\nConfigure the AS2 Partners group\\nAfter the partner is configured and added to the user group, we create a partner group to assist in organizing AS2 partners in Sterling File Gateway. It is not a required step, particularly in this case with only one AS2 partner, but it can simplify the management of the partners.\\n 124 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsUse the following procedure to configure the AS2 Partners group.\\n1. Login to the Sterling File Gateway dashboard.\\n2. Navigate to Participants \\uf0ae Groups .\\n3. Create a new group named AS2 Partners.4. Select Add Partners, and add the AS2 partner to the group. In this scenario, we are adding \\nthe “ITSORetail” partner to the group “AS2 Partners.”\\nFigure 5-18 shows an example of the group, with the new AS2 Partners group highlighted, \\nand the ITSORetail partner added to the group.\\nFigure 5-18   ITSORetail AS2 partner added to the AS2 Partners group\\nAs noted above, it is not a required step, but it can make managing the partners easier, particularly as the number of partners increases.\\nCreate the Routing Channel Template for AS2 Inbound\\nIn order to route the messages, we need to create two routing channel templates, one for inbound and one for outbound. The routing channel template provides the definition and structure for the routing of files through Sterlin g File Gateway, and it is required before the \\nactual routes can be created. It also controls the protocols and formats for the files, as well as the partners that can participate in the movement of files.\\nA routing channel template can be either static, where the values are defined at creation time \\nand are linked with a particular resource, or dynamic, which allows Sterling FIle Gateway to determine, based on the definition, the consumer for the file. In this scenario, for AS2 transfers, we are creating a static routing channel template, but one that can be used for any AS2 partner.\\nFirst, we create the inbound template. Use the following procedure.\\n1. Login to the Sterling File Gateway dashboard.\\n2. Navigate to Routes\\uf0ae Templates .\\n3. Create a new template named AS2 Inbound.4. Select Static as the type of template, and do not specify any special character handling.\\n5. Select AS2 Partners as the Producer Group, and All Partners as the Consumer Group.\\n6. For the Producer Mailbox Path, enter “/AS2/ITSOHealthcare/${ProducerName}/Inbound”.7. Under Producer File Structures, select Unknown and use ‘.+’ as the regular expression, \\nand no facts are required.\\n Chapter 5. Health Insurance scenario 1258. For the Consumer Mailbox Path, enter “/${ConsumerName}/Inbox”.\\n9. For the Consumer File Structure, select Unknown, with a file name format of \\n${ProducerFilename} .\\nFigure 5-19 shows the routing channel template created for AS2 Inbound.\\nFigure 5-19   Routing Channel Template for AS2 Inbound\\nCreate the Routing Channel Template for AS2 Outbound\\nThe next step is to create a very similar routing channel template, but this time for outbound \\nAS2 messages.\\nWe now create the inbound template. Use the following procedure.\\n1. Login to the Sterling FIle Gateway dashboard.2. Navigate to Routes\\uf0ae Templates .\\n3. Create a new template named AS2 Outbound.\\n4. Select Static as the type of template, and do not specify any special character handling.5. Select All Partners as the Producer Grou p, and AS2 Partners as the Consumer Group.\\n6. For the Producer Mailbox Path, enter /${ProducerName’.\\n 126 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions7. Under Producer File Structures, select Unknown and use ‘.+’ as the regular expression, \\nand no facts are required.\\n8. For the Consumer Mailbox Path, enter \\n“/AS2/ITSOHealthcare/${ProducerName}/Outbound”.\\n9. For the Consumer File Structure, select “Unknown,” with a file name format of \\n${ProducerFilename} .\\nFigure 5-20 shows the routing channel created for AS2 Outbound.\\nFigure 5-20   Routing Channel Template for AS2 Outbound\\nCreate the Route for AS2 Inbound from ITSORetail\\nAfter the templates are created, we must now create an actual route that uses those \\ntemplates to do the actual routing of the files.\\nUse the following procedure to create the inbound route.\\n1. Login to the Sterling File Gateway dashboard.\\n2. Navigate to Routes\\uf0ae Channels .\\n3. Click  Create to create the new Channel.\\n4. For the Routing Channel Template, select the AS2 Inbound template.5. For the Producer, select the AS2 partner, in this case, the ITSORetail AS2 partner created \\nearlier.\\n6. For the Consumer, select any other partner, which does not have to be an AS2 partner.\\n7. For this scenario, we select the same partner, to simplify the configuration in the next step.\\n Chapter 5. Health Insurance scenario 127Figure 5-21 shows the routing channels created in Sterling File Gateway, with the new \\ninbound route for the ITSORetail AS2 partner highlighted.\\nFigure 5-21   Routing Channels with t he ITSORetail inbound channel highlighted\\nCreate the Route for AS2 Outbound to ITSORetail\\nThe final step in the Sterling File Gateway configuration is to configure the route for AS2 \\nOutbound. It is quite similar to the AS2 Inbound Route, but allows a message to be routed back to Sterling B2B Integrator for transmission by AS2 to the partner. We could eventually use this outbound route as a method for returning a message back from the backend application to the trading partner.\\nUse the following procedure to create the outbound route.\\n1. Login to the Sterling File Gateway dashboard.2. Navigate to Routes\\uf0ae Channels .\\n3. Click Create  to create the new Channel.\\n4. For the Routing Channel Template, select the AS2 Outbound template.5. For the Producer, select any partner, which is not required to be an AS2 partner. In this \\ncase, we select ITSORetail, which simplif ies the configuration in the next step.\\n6. For the Consumer, also select the ITSORetail partner, which is the AS2 partner that the \\nmessage will be routed to for transmis sion by Sterling Integrator by AS2.\\nFigure 5-22 shows the routing channels created in Sterling File Gateway, with the new \\noutbound route for the ITSORetail AS2 partner highlighted.\\nFigure 5-22   Routing Channels with t he ITSORetail outbound channel highlighted\\nAs mentioned earlier, this outbound route is not used as part of this scenario, but is left as an \\nexercise for the reader.\\n 128 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsAlternate configuration for Sterling File Gateway using a Custom Protocol\\nAfter the message moves through Sterling File Gateway and is processed by Sterling B2B \\nIntegrator, there are two ways that we could move this message to the WebSphere MQ for additional processing and eventual delivery to the backend application:\\n/SM590000As part of the business process that is called when Sterling B2B Integrator de-envelopes \\nthe message, use the WebSphere Suite Adapters in Sterling B2B Integrator to place the message into the WebSphere MQ queue for the next step of the processing.\\n/SM590000After the message is processed by Sterling B2B Integrator, place it back into a maibox, \\nand define a route that uses a Custom Protocol in Sterling File Gateway to move the message to WebSphere MQ for the next step in processing.\\nIn this scenario, as a way of demonstrating some of the additi onal capabilities of Sterling B2B \\nIntegrator, we are using the first option, and we configure these components in the next step.\\nFor more information about configuring a Custom Protocol for Sterling File Gateway, see the \\ndocumentation for that pr oduct. In particular, the section on “Extending the Capabilities” has a \\ndetailed description of implementing a Custom Protocol, as well as some examples.\\nIn addition, the IBM Redbooks IBM Sterling Managed File Transfer Integration with \\nWebSphere Connectivity for a Multi-Enterprise Solution , SG247927 has a very detailed \\nexample of implementing a Custom Protocol in Chapter 7, “External transfers using IBM WebSphere Message Broker and IBM Sterling File Gateway’.\\nStep 4: Configure message pro cessing in Sterling B2B Integrator\\nNow that Sterling File Gateway has been configured to route the message to the proper \\nlocation, we need to configure Sterling B2B Integrator to process the message and deliver it to the WebSphere MQ queue for the additional processing in WebSphere Message Broker.\\nAs mentioned in the previous section, the final delivery of the message to the queue could \\nalso be accomplished by using the Custom Protocol  functions of Sterling File Gateway. In this \\nscenario, however, we use the Sterling B2B Inte grator to demonstrate it s ability to interact \\nwith WebSphere MQ. Chapter 5. Health Insurance scenario 129In order to accomplish these integrations, we need to complete the following tasks:\\n/SM590000Configure the inbound Envelopes for the trading partner.\\n/SM590000Create a Routing Rule to check the mailbox for a message and execute the initial business \\nprocess.\\n/SM590000Specify the correct maps in the envelopes for the compliance check and for the \\ntransformation to the canonical format.\\n/SM590000Create a Business Process that sends the document to the WebSphere MQ queue when \\ncalled.\\n/SM590000Configure the outbound Envelopes to return the acknowledgement (EDI 999) back to the \\ntrading partner.\\n/SM590000Create and schedule a Business Process to clean up expired mailbox messages.\\nWe now review each of these tasks and the component in detail.\\nConfigure the inbound envelopes for the trading partner\\nIn order to process the message from the trading partner, we need to configure document \\nenvelopes in Sterling B2B Integrator to allow the system to de-envelope the message and pass the resultant document on for the additional processing required.\\nThere are three distinct envelopes that need to be created for this message, which \\ncorrespond to the usual X12 standard:\\n/SM590000ISA-IEA\\n/SM590000GS-GE\\n/SM590000ST -SE\\nFigure 5-23 is the ISA-IEA envelope configured to process our inbound message from the \\ntrading partner. Note that in the envelope configuration, we have simplified this example by using only local (as opposed to global) control numbers, and we have also disabled duplicate and sequence checking. 130 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-23   Inbound ISA-IEA envelope configured for ITSORetail Corporation\\nFigure 5-24 is the GS-GT envelope for this trading partner. Again note that we are using local \\ncontrol numbers rather than global, and we are not doing duplicate or sequence checking for simplicity. Note also in this envelope that we specify to return an acknowledgement to our trading partner, which generates the EDI 999 that we need to return.\\n Chapter 5. Health Insurance scenario 131Figure 5-24   Inbound GS-GT envelope configured for ITSORetail Corporation\\n 132 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-25 is the ST -SE envelope for our message. It is in this envelope that we configure the \\nmaps to be used to check the compliance and to transform the data contained in the message. Again, we are using local control numbers and have disabled duplicate and sequence checking.\\nFigure 5-25   Inbound ST -SE envelope for ITSORetail Corporation\\n Chapter 5. Health Insurance scenario 133Also note that we have disabled the batching of like documents. It allows the system to create \\none document for each claim in the original message, and allows Sterling B2B Integrator to place one message onto the WebSphere MQ queue for each of those documents.\\nCreate a Routing Rule to check the mailbox for a message\\nAfter the message is routed by Sterling F ile Gateway, it is placed in the mailbox \\n/ITSORetail/Inbox . In order to trigger the business process that continue the processing of \\nthe message, we need to create a Routing Rule that can watch this mailb ox, and then initiate \\nthe business process configured in the next section.\\nIn the Sterling Integrator Dashboard, navigate to Deployment \\uf0ae Mailboxes \\uf0ae Routing \\nRules , and then select Create a new Routing Rule .\\nThe Routing Rule should be configured to execute automatically on the mailbox \\n/ITSORetail/Inbox , and it should run the business process named “EDIBootstrap” when it \\nfinds a message in the mailbox. This business process is a default process that is shipped as part of the base installation of Sterling B2B Integrator.\\nFigure 5-26 shows the Configuration screen for the new Routing Rule named \\nITSOHealthcare_Route.\\nFigure 5-26   Routing Rule configuration summary screen\\nWith the Routing Rule configured to be evaluated automatically, it is executed when the scheduled evaluation occurs in Sterling B2B Integrator. Because of the addition of Sterling FIle Gateway, the system evaluates all automatic rules continuously, which ensures that the message is routed almost as soon as it is placed in the mailbox.\\nSpecify the WebSphere Transformation Extender maps in the envelopes\\nWhen the de-enveloping runs in Sterling B2B Integrator, part of the process can include checking the compliance of the message, as well as transforming or translating the message into a different format.\\n 134 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsIn this scenario, we are using a HIPAA EDI 8 37 message, and as part of the processing of \\nthat message, we need to check the compliance to the published standards. If there is any variance from those standards, we need to inform our trading partner by returning an acknowledgement to them which lists the variance. For this, we are using the EDI 999 document type.\\nWhen checking the compliance of the message to the standard, there are various levels that \\nthe compliance can be compared to. In the native Sterling B2B Integrator application, we can check Level 4, 5, and 6 of compliance, but if the user wants to check compliance Level 1, 2, or 3, they can do so by using integration with WebSphere Transformation Extender compliance check, which supports compliance check Levels 1 to 4 out of the box.\\nIn Sterling B2B Integrator, the compliance level is specified in the ST -SE envelope, and is \\ncontrolled by selecting “yes” to the option of “Perform HIPAA compliance check” in the setup of the envelope. When “yes” is selected, the user can then specify the compliance check level.\\nOne final step that is required to enable the use of the WebSphere Transformation Extender \\nmap as the compliance check is to enable its use in the ISA-IEA envelope for the message. The user must select “yes” for the option “Use WTX compliance checking.”\\nAlong similar lines, the user can also call a WebSphere Transformation Extender map to do \\nthe transformation of the data into the canonical format as part of the de-enveloping of the message. After the WebSphere Transformation Extender map is deployed into Sterling B2B Integrator, the user can select it as the map to be called from the ST -SE envelope for the transformation, as it would be for any other map in Sterling B2B Integrator.\\nFor more information about these settings, see the Pack for HIPAA EDI documentation at this \\nwebsite:\\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r4m0/index.jsp?topic=%2Fcom.ibm.\\nwebsphere.dtx.packhealthcareref.doc%2Fconcepts%2Fc_pack_healthcareref_Overview_of_the_Packs_for_Healthc.htm\\nCreate a Business Process to send the document to the WebSphere MQ queue\\nWhen the EDIBootstrap process executes, called by the routing rule set up earlier, it calls the pre-configured EDIDeenvelope service, which in turn then calls the pre-configured X12DeenvelopeUnified business process. This process locates and uses the envelopes configured previously. The ST-SE envelope calls the business process that output the de-enveloped and transformed message to the WebSphere MQ queue for processing by WebSphere Message Broker.\\nBecause we have the batching disabled in the ST -SE envelope, the X12DeenvelopeUnified \\nprocess invokes the defined process for each of the transactions in the original message. In this case, it calls the process we are creating to put each resulting document onto the proper WebSphere MQ queue.Important:  If you are using WebSphere Transformation Extender transformation maps in \\nthe X12 de-envelope service, then you need to use the WebSphere Transformation Extender HIPAA compliance check maps for co mpliance checking regardless of the level. Chapter 5. Health Insurance scenario 135Figure 5-27 is the graphical view of this busine ss process. Note that this process is quite \\nsimple. It basically opens a session and queue, puts the message, and then closes the queue and session.\\nFigure 5-27   ITSOHealthCare_MQSend business process in graphical view\\nFor clarity, this business process does not contain an “on fault” for the process flow. Even \\nthough this business process is quite simple, it is usually a good practice to anticipate \\npotential failure modes and provide a method for resolving them, if possible. We leave the conception and addition of the “on fault” to the reader as an additional exercise.\\nConfigure the outbound Envelopes to return the acknowledgement\\nIn order to return the acknowledgement to the trading partner, we must specify in the GS-GE envelope to generate the acknowledgement, and then we must also configure outbound envelopes for the resultant acknowledgment.\\nIn this scenario, we are returning the X12 standard EDI 999 to acknowledge the receipt of this \\nmessage, and also to report on any compliance errors from the message.\\nSimilar to the envelopes created for the inbound message, we must configure an envelope on \\neach standard level for this EDI 999:\\n/SM590000ISA-IEA\\n/SM590000GS-GE\\n/SM590000ST -SE\\nAs these envelopes are quite similar to those already presented for the inbound portion of the \\nscenario, except of course for outbound rather than inbound, we do not replicate them here.\\nCreate and schedule a Business Process to clean up expired messages\\nSterling B2B Integrator does not come with a pre-configured process that remove mailbox messages that are expired. In order to ensure  that we are removing messages that are no \\nlonger needed, we need to create and schedule a business process that can review the mailboxes used in this scenario, and then delete any messages that are either no longer extractable or expired based on their age.\\nThis business process is much simpler than the prior process, in that it simply reviews the \\nmailboxes in use in this scenario and then de letes any message in the mailbox that is no \\nlonger extractable.\\n 136 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-28 shows the steps of this process.\\nFigure 5-28   Graphical representation of th e business process ITSOHealthcare_MBX_Cleanup\\nIn order to ensure that the mailboxes are kept clean of expired messages, we need to \\nschedule this process to run on a regular interval.\\n Chapter 5. Health Insurance scenario 137Figure 5-29 displays the schedule configuration for this business process.\\nFigure 5-29   Configuration of the schedul e for the process ITSOHealthcare_MBX_Cleanup\\nNote that this schedule is currently set to ex ecute every 8 hours. Because this cleanup is \\nsimply removing messages that are expired, the longer schedule interval should be sufficient.\\nStep 5: Configure WebSphere MQ\\nIn this scenario, we use WebSphere MQ for integration on various infrastructure components. For it to happen, a base connectivity infrastructure should be created. We need to perform the following tasks before any fu rther backend integration:\\n/SM590000Create queue managers.\\n/SM590000Create listener objects on the queue managers.\\n/SM590000Create queue manager clusters.\\n/SM590000Create server connection channels.\\n/SM590000Create queues for application.\\n 138 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsCreate queue managers\\nQueue Managers could be created using the crtmqm  command. Example 5-1 shows the \\nsyntax of this command.\\nExample 5-1   The crtmqm command syntax\\ncrtmqm [-z] [-q] [-c Text] [-d DefXmitQ] [-h MaxHandles]       [-md DataPath] [-g ApplicationGroup] [-ss | -sa | -sax | -si]       [-t TrigInt] [-u DeadQ] [-x MaxUMsgs] [-lp LogPri] [-ls LogSec]       [-lc | -ll] [-lf LogFileSize] [-ld LogPath] QMgrName\\nFor more information about all of the parameters for the crtmqm  command, see this website:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/topic/com.ibm.mq.amqzag.doc/fa\\n15650_.htm\\nESB01 Queue Manager for Backend ESB-01\\nThe command in Example 5-2 is executed on server esb01.itso.ibm.com to create queue \\nmanager ESB01.\\nExample 5-2   Create queue manager ESB01\\n>crtmqm ESB01WebSphere MQ queue manager created.Directory \\'C:\\\\Program Files (x86)\\\\IBM\\\\WebSphere MQ\\\\qmgrs\\\\ESB01\\' created.Creating or replacing default objects for ESB01.Default objects statistics : 68 created. 0 replaced. 0 failed.Completing setup.Setup completed.\\nESB02 Queue Manager for Backend ESB-02\\nThe command in Example 5-3 is executed on server esb02.itso.ibm.com  to create queue \\nmanager ESB02.\\nExample 5-3   Create queue manager ESB02\\n>crtmqm ESB02WebSphere MQ queue manager created.Directory \\'C:\\\\Program Files (x86)\\\\IBM\\\\WebSphere MQ\\\\qmgrs\\\\ESB02\\' created.Creating or replacing default objects for ESB01.Default objects statistics : 68 created. 0 replaced. 0 failed.Completing setup.Setup completed\\nB2B02 Queue Manager for Sterling and ESB integration\\nThe command in Example 5-4 is executed on server b2b02.itso.ibm.com  to create queue \\nmanager B2B02.\\nExample 5-4   Create queue manager B2B02\\n>crtmqm B2B02WebSphere MQ queue manager created.Directory \\'C:\\\\Program Files (x86)\\\\IBM\\\\WebSphere MQ\\\\qmgrs\\\\B2B02\\' created.Creating or replacing default objects for B2B02.Default objects statistics : 68 created. 0 replaced. 0 failed.Setup completed. Chapter 5. Health Insurance scenario 139Figure 5-30 illustrates the WebSphe re MQ topology used for impl ementation in this scenario.\\nFigure 5-30   WebSphere MQ topology\\nNow that all of the queue managers are created, we need to start them using the strmqm  \\ncommand. Example 5-5 shows the syntax of this command.\\nExample 5-5   The syntax of crtmqm command\\nstrmqm [-z] [-a | -c | -r | -x] [-d none|minimal|all] [-f]       [-ns] [-ss | -si] [QMgrName]\\nFor more information about all of the parameters for the strmqm  command, see the following \\nwebsite:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/topic/com.ibm.mq.amqzag.doc/fa\\n16090_.htm\\nThe commands used to start the various queue managers are shown in Example 5-6.\\nExample 5-6   Start queue manager commands\\n>strmqm ESB01\\n>strmqm ESB02>strmqm B2B02\\nCreate listener objects on the queue manager\\nIn this section, we create listener objects on various queue managers. We do this by issuing commands on the WebSphere MQ runmqsc  console. Also, the listeners control is set to be \\nqueue manager, so that listeners start/stop based on the control of the queue manager.\\n 140 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFor more information about defining listeners, see the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv6/v6r0/topic/com.ibm.mq.csqzaj.doc/sc\\n11050_.htm\\nExample 5-7 to Example 5-9 illustrate comma nds to create listene rs on various queue \\nmanagers.\\nExample 5-7   Create listener on the queue manager ESB01\\nDEFINE LISTENER (\\'ESB01.LISTENER\\') TRPTYPE(TCP) IPADDR(\\'esb01.itso.ibm.com\\') PORT(1414) BACKLOG(0) DESCR(\\'ESB01 Queue Manager Listener\\') CONTROL(QMGR) REPLACE\\nExample 5-8   Create listener on the queue manager ESB02\\nDEFINE LISTENER (\\'ESB02.LISTENER\\') TRPTYPE(TCP) IPADDR(\\'esb02.itso.ibm.com\\') PORT(1414) BACKLOG(0) DESCR(\\'ESB02 Queue Manager Listener\\') CONTROL(QMGR) REPLACE\\nExample 5-9   Create listener on the queue manager B2B02\\nDEFINE LISTENER (\\'B2B02.LISTENER\\') TRPTYPE(TCP) IPADDR(\\'b2b02.itso.ibm.com\\') PORT(1414) BACKLOG(0) DESCR(\\'B2B02 Queue Manager Listener\\') CONTROL(QMGR) REPLACE\\nAfter all of the listeners are created, use the command shown in Example 5-10 to start the \\nlisteners from the runmqsc  console.\\nExample 5-10   Start que ue manager listener objects\\nSTART LISTENER(‘listener name’)\\nFor more information about this command, go to the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv6/v6r0/topic/com.ibm.mq.csqzaj.doc/sc\\n13170_.htm\\nConfigure a Queue Manager cluster\\nTo set up message communication between ITSO Healthcare queue manager, the following channels are required:\\n/SM590000Channel from ESB01 to ESB02 and B2B02\\n/SM590000Channel from ESB02 to ESB01 and B2B02\\n/SM590000Channel from B2B0 2 to ESB01 and ESB02\\nIf all of the ITSO Healthcare systems are me mbers of an MQ cluster, WebSphere MQ can \\nmanage the channels automatically. Using an MQ  cluster results in simpler administration \\nand configuration of the MQ network. The benefits of MQ clusters quickly increase as the number of systems grows. Using MQ clusters, the number of channels that must be manually defined is greatly reduced. Chapter 5. Health Insurance scenario 141For scenarios with larger numbers, queue managers using MQ clusters offer even greater \\nadministrative savings. Thus, ITSO Healthcare decides to set up an MQ Cluster ITSO.CLUSTER. The queue managers participating in ITSO.CLUSTER are listed in Table 5-1.\\nTable 5-1   Participating queue manager in wmq cluster ITSO.CLUSTER\\nFigure 5-31 illustrates the cluster channe ls created on thes e queue managers.\\nFigure 5-31   Cluster channels in MQ Cluster ITSO.CLUSTER\\nAlter queue manager definitions to add to the repository\\nOn each queue manager that is to hold a full repository, you need to alter the queue manager \\ndefinition using the ALTER QMGR command and specifying the REPOS attribute. Issue the command shown in Example 5-11 from the runmqsc  console of the queue manager ESB01 \\nand ESB02. These two queue managers are changed to a full repository.\\nExample 5-11   Change queue manager to full repository\\nALTER QMGR REPOS(\\'INVENTORY.CLUSTER\\')Queue Manager Repository\\nESB01 Full Repository\\nESB02 Full Repository\\nB2B02 Partial Repository\\n 142 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsCreate a cluster channel on ESB01\\nCreate a cluster receiver and cluster sender channel on the full repository queue manager \\nESB01. Example 5-12 shows the commands  used to create  these channels.\\nExample 5-12   Clust er channel on ESB01\\nDEFINE CHANNEL (TO.ESB01) CHLTYPE (CLUSRCVR) TRPTYPE (TCP) CONNAME \\n(\\'esb01.itso.ibm.com(1414)\\') CLUSTER (ITSO.CLUSTER) REPLACE\\nDEFINE CHANNEL (TO.ESB02) CHLTYPE (CLUSSDR) TRPTYPE (TCP) CONNAME \\n(\\'esb02.itso.ibm.com(1414)\\') CLUSTER (ITSO.CLUSTER) REPLACE\\nCreate a cluster channel on ESB02\\nCreate a cluster receiver and cluster sender channel on the full repository queue manager ESB02. Example 5-13 shows the commands  used to create  these channels.\\nExample 5-13   Clust er channel on ESB02\\nDEFINE CHANNEL (TO.ESB02) CHLTYPE (CLUSRCVR) TRPTYPE (TCP) CONNAME \\n(\\'esb02.itso.ibm.com(1414)\\') CLUSTER (ITSO.CLUSTER) REPLACE\\nDEFINE CHANNEL (TO.ESB01) CHLTYPE (CLUSSDR) TRPTYPE (TCP) CONNAME \\n(\\'esb01.itso.ibm.com(1414)\\') CLUSTER (ITSO.CLUSTER) REPLACE\\nCreate a cluster channel on B2B02\\nCreate a cluster receiver and cluster sender channel on the partial repository queue manager B2B02. Example 5-14 shows the commands used to create these channels.\\nExample 5-14   Cluster channel on B2B02\\nDEFINE CHANNEL (TO.B2B02) CHLTYPE (CLUSRCVR) TRPTYPE (TCP) CONNAME (\\'b2b02.itso.ibm.com(1414)\\') CLUSTER (ITSO.CLUSTER) REPLACE\\nDEFINE CHANNEL (TO.ESB01) CHLTYPE (CLUSSDR) TRPTYPE (TCP) CONNAME \\n(\\'esb01.itso.ibm.com(1414)\\') CLUSTER (ITSO.CLUSTER) REPLACE\\nQueue managers are added to the repository and channels are created between the cluster \\ncomponents. Now we can also manage this cluster from WMQ explorer. Use the following procedure.\\n1. On the server esbo1.itso.ibm.com, select Start\\uf0ae\\uf020Programs \\uf0ae IBM WebSphere MQ \\uf0ae \\nWebSphere MQ Explorer , and click  WebSphere MQ Explorer  to launch the Eclipse GUI.\\n2. In the Navigator view of WebSphere MQ Explorer, expand Queue Manager Cluster \\uf0ae \\nITSO.CLUSTER .  Chapter 5. Health Insurance scenario 1433. Figure 5-32 shows the participating queue managers in MQ cluster ITSO.CLUSTER.\\nFigure 5-32   Cluster admin istration from WMQ explorer\\nFor more information about WebSphere MQ clusters, go to the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv6/v6r0/topic/com.ibm.mq.csqzah.doc/qc\\n10120_.htm\\nCreate a server connection channel\\nMQI channels are used by applications in client mode (rather than bindings mode) to connect to queue managers. MQI channels are bidirectional; they carry WebSphere MQ API calls, (for example, “GET a message from queue XYZ”) from the application to the queue manager. They also carry responses to those calls from the queue manager back to the application.\\nSterling B2B Integrator uses server connection channel to connect B2B02 queue manager. \\nExample 5-15 shows the command to be used from the runmqsc  console to create the server \\nconnection channel B2B.HEALTH.SFG  on queue manager B2B02.\\nExample 5-15   Create server connection channel\\nDEFINE CHANNEL(\\'B2B.HEALTH.SFG\\') CHLTYPE(SVRCONN) REPLACE\\nCreate queues for applications\\nYou must first define the cluste r queues on the queue manager, which will be accessible from \\nany queue manager in the cluster. Example 5-16 shows the command to be executed from the runmqsc  console of queue ma nager ESB01 and ESB02. \\nAfter executing this command, a cluster queue HEALTH.B2B.ESB.REQUEST.QC is created \\non ESB01 and ESB02. This queue is used for ac cepting incoming mess ages from HIPAA 837 \\nmessage from Sterling B2B Integrator and later messages are processed by the backend ESB message flow.\\nExample 5-16   Cluster queue for accepting HIPAA 837 message\\nDEFINE QLOCAL (HEALTH.B2B.ESB.REQUEST.QC) DEFBIND (NOTFIXED) CLWLUSEQ (ANY) CLUSTER (ITSO.CLUSTER) REPLACE\\n 144 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsExample 5-17 shows the command to define local queue HEALTH.B2B.ESB.BACKEND.QL \\non queue manager ESB01 and ESB02 for sending messages to backend application in canonical format. \\nExample 5-17   Local queue for sending messages to backend application\\nDEFINE QLOCAL (HEALTH.B2B.ESB.BACKEND.QL) REPLACE\\nIt is a good practice to define alias queues for c lients, instead of providing details of physical \\ncluster and local queues on the queue manager. We define alias queues to be used by Sterling B2B integrator, WebSphere Message Broker and the backend application.\\nExample 5-18 shows the command to define alias queue HEALTH.B2B.ESB.RQEQUEST. \\nSterling B2B integrator uses this queue to send HIPAA 837 messages. This alias queue, in turn, sends messages to target cluster queue HEALTH.B2B.ESB.REQUEST.QC on queue manager ESB0 1 and ESB02.\\nExample 5-18   Alias queues on queue manager B2B02\\nDEFINE QALIAS (HEALTH.B2B.ESB.REQUEST) CLUSTER (ITSO.CLUSTER) DEFBIND(NOTFIXED) \\nTARGQ (HEALTH.B2B.ESB.REQUEST.QC) REPLACE\\nExample 5-19 illustrates creation of alia s queue HEALTH.B2B.ESB.BACKEND in queue \\nmanager ESB01, this queue is defined for putting messages from target local queue HEALTH.B2B.ESB.BACKEND.QL. \\nExample 5-19   Alias queues on queue manager ESB01\\nDEFINE QALIAS (HEALTH.B2B.ESB.BACKEND)TARGQ (HEALTH.B2B.ESB.BACKEND.QL) REPLACE\\nExample 5-20 illustrates creation of alia s queue HEALTH.B2B.ESB.BACKEND in queue \\nmanager ESB02, this queue is defined for putting messages from target local queue HEALTH.B2B.ESB.BACKEND.QL.\\nExample 5-20   Alias queues on queue manager ESB02\\nDEFINE QALIAS (HEALTH.B2B.ESB.BACKEND)TARGQ (HEALTH.B2B.ESB.BACKEND.QL) REPLACE\\nTo learn more about local queues, go to the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/topic/com.ibm.mq.amqzag.doc/fa\\n11220_.htm\\nTo learn more about clustered queues and queue manager, go to the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/topic/com.ibm.mq.csqzah.doc/qc\\n10680_.htm\\nTo learn more about alias queues, go to the following websites:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/topic/com.ibm.mq.csqzal.doc/fg\\n10990_.htm\\nhttp://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/topic/com.ibm.mq.amqzag.doc/fa\\n11330_.htm\\nWith queues created to be used by Sterling B2B Integrator, WebSphere Message Broker, and \\nbackend application the WebSphere MQ, the configuration steps are complete. Chapter 5. Health Insurance scenario 145Step 6: Configure WebSphere Transformation Extender\\nAs stated in the introduction to this book, it is assumed that any WebSphere Transformation \\nExtender component that is needed has already been installed. For any scenario using WebSphere Transformation Extender, the Design Studio must be installed on a development platform in order to create the maps needed for translation. In this scenario, WebSphere Transformation Extender for Integration Servers and the WebSphere Transformation Extender Industry Pack for Health Care have also been installed on the development platform, as well as the server that will host We bSphere Message Broker flows.\\nFor this scenario, two translation maps are needed, one to transform the incoming HIPAA \\n837P message into canonical form, and a second to transform the canonical message into the target format. In addition to these transformations, the compliance check map system that ships with the health care industry pack is used to perform compliance checking and generate the HIPAA 999 acknowledgment using the Sterling B2B Integrator de-envelope service. \\nThe compliance check map system that ships with the industry pack allows for compliance \\nchecking from level 1 compliance through level 7 compliance. For this scenario, we chose to use level 4 compliance checking. For details on how to set the compliance level in the \\ncompliance check map, and how to configure the Sterling B2B Integrator and WebSphere Transformation Extender to perform HIPAA compliance check, see the documentation that ships with the industry pack and the help menu in the Design Studio.\\nHIPAA 837P to canonical xml\\nThe map used for translating the HIPAA 837P message to the canonical form is composed of \\none input card and two output cards, as shown in Figure 5-33 on page 146. This map is deployed to the Sterling B2B Integrator to make it available for use within the WTXMap service.\\nThe input card is defined using a trimmed tree from the health care pack, as shown in \\nFigure 5-34 on page 146 for the input card definition and Figure 5-35 on page 147 for the type tree. The type tree is customized based on the instructions in chapter 15 of the documentation shipped with the industry pack.\\nThe first output card is defined using the canonical form xsd. Figure 5-36 on page 148 shows \\nthe output card definition. The second output card is defined using a type tree that consists of a blob item that has been nested inside layers of groups to mimic the envelope structure of the canonical xml. This was done to facilitate the process of splitting individual claims into separate xml interchanges. Figure 5-37 on page 149 shows the definition of output card 2.\\nIn the case of a compliant mess age, the canonical form of the message, split into a single xml \\ninterchange per claim, is passed back to the business process. A reference to each singleton xml claim is put into ProcessData. The busine ss process then passes each singleton xml \\nclaim to the broker flow for further processing. In the case of a non-compliant message processing terminates. In either case Sterling B2B Integrator returns the 999 acknowledgement to the trading partner.\\nTip: The WebSphere Transformation Extender map rule function “PUT” with the adapter \\nalias “WIRE” is used to split the xml into singleton claims. Usage of this function is \\ndescribed in Chapter 4, “Routing and transforming messages” on page 69, as shown in Example 4-3 on page 98.  146 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-33   HIPAA_837p_5010_toxml_SglClm.mms\\nFigure 5-34   Input card definition\\n Chapter 5. Health Insurance scenario 147Figure 5-35   Trimmed HIPAA type tree\\n 148 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-36   Output Card 1\\n Chapter 5. Health Insurance scenario 149Figure 5-37   Output Card 2\\nCanonical to backend format\\nThe map used for translating the canonical message to the backend format is composed of \\none input card and one output card, as shown in Figure 5-38 on page 150. Because the purpose of this map is to convert the canonical message created in the map described in the section “HIPAA 837P to canonical xml” on page 145, the input card for this map is defined exactly as the output card 1 of the HIPAA 837P to canonical xml map was defined, using the same xml schema definition file. Figure 5-39 on page 151 shows the card definition. \\nOne of the things to notice is that the “Document Verification” attribute is set to “Well Formed \\n(Xerces Only). It is because we do not need to validate the xml against the actual schema, because the xml was created internally. We only need to verify that the xml is well formed.\\n 150 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-38   Canonical xml to backend format map\\n Chapter 5. Health Insurance scenario 151Figure 5-39   Input card for canonical to backend map\\nThe output card is defined by a custom type tree. In many cases, for similar scenarios, the \\nbackend format can be imported using one of the type importers described in Chapter 4, “Routing and transforming messages” on page 69 in Part 1 of this book, such as from a COBOL copybook. In our example, the format was given to us in a type specification document and the type tree was created by hand. \\nThe output card definition is shown in Figure 5-40 on page 152 and the type tree we built is \\nshown in Figure 5-41 on page 153. The result of executing this map is the canonical xml is translated into the delimited record format required by the backend application, as shown in Example 5-31 on page 175.\\n 152 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-40   Output card definition\\n Chapter 5. Health Insurance scenario 153Figure 5-41   Type tree for backend format\\nStep 7: Configure W ebSphere Message Broker\\nIn this scenario, we use WebSphere Message Broker to transform and route incoming HIPAA \\nmessages arriving from Sterling B2B Integrator. Message flows deployed on WebSphere Message Broker read HIPAA 837 XML messages on the WebSphere MQ queue, and later transform and put incoming messages into legacy format for the backend application. \\nWe use the following steps to configure WebSphere Message Broker for this scenario:\\n/SM590000Create a broker\\n/SM590000Create execution group on broker\\n/SM590000Create and configure message flow\\n/SM590000Deploy message flow\\n 154 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsCreate a Broker\\nA Message Broker can be created using the mqsicreatebroker  command. Example 5-21 \\nshows the syntax of  this command.\\nExample 5-21   The mqsicreatebroker command syntax\\nmqsicreatebroker brokerName -i serviceUserId -a servicePassword -q \\nqueueManagerName [-g configurationChangeTimeout] [-k internalConfigurationTimeout] [-w workPath] [-e sharedWorkpath] [-l userLilPath] [-t] [-m] [-v statisticsMajorInterval][-P httpListenerPort] [-c icuConverterPath] [-y ldapPrincipal -z ldapCredentials] [-x userExitPath] [-o operationMode] [-s adminSecurity] [-d MQService]\\nTo learn more about all parameters for the mqsicreatebroker command, see the following \\nwebsite:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/topic/com.ibm.etools.mft.d\\noc/an07080_.htm\\nESB01 broker for backend ESB-01\\nThe command in Example 5-22 is executed on server esb01.itso.ibm.com  to create broker \\nESB01.\\nExample 5-22   Create broker ESB01\\nmqsicreatebroker ESB01 -i <username> -a <password> -q ESB01\\nESB02 broker for backend ESB-02\\nThe command in Example 5-23 is executed on server esb02.itso.ibm.com  to create broker \\nESB02.\\nExample 5-23   Create broker on ESB02\\nmqsicreatebroker ESB02 -i <username> -a <password> -q ESB02 Chapter 5. Health Insurance scenario 155Figure 5-42 shows the WebSphere Message Broker topology used for the implementation of \\nthe Healthcare scenario.\\nFigure 5-42   WebSphere Message Broker topology\\nNow that all of the brokers are created, we start them by using the mqsistart  command, as \\nshown in Example 5-24.\\nExample 5-24   The syntax for mqsistart command\\nmqsistart <brokerName>\\nTo learn more about the mqsistart  command, go to the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/topic/com.ibm.etools.mft.d\\noc/an07230_.htm\\nThe commands used to start various brokers are shown in Example 5-25.\\nExample 5-25   Start broker commands\\n>mqsistart ESB01\\n>mqsistart ESB02\\nCreate an execution group on the broker\\nIn this section, we create execution groups on various brokers by issuing the mqsicreateexecutiongroup  command. An execution group is a named grouping of message \\nflows that have been assigned to a broker. The broker enforces a degree of isolation between message flows in distinct execution groups by ensuring that they run in separate address spaces, or as unique processes.\\n 156 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsAn execution group process is also known as a DataFlowEngine (DFE); this term is typically \\nused in problem determination scenarios (trace contents, diagnostic messages, and so on). A DFE is created as an operating system process, and has a one-to-one relationship with the named execution group. If more than one message flow runs within an execution group, multiple threads are created within the DFE process.\\nExample 5-26 shows the syntax for the mqsicreateexecutiongroup  command.\\nExample 5-26   The syntax for mqsicreateexecutiongroup command\\nmqsicreateexecutiongroup brokerSpec -e egName [-w timeoutSecs] [-v traceFileName]\\nTo learn more about the mqsicreateexecutiongroup  command, go to the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/topic/com.ibm.etools.mft.d\\noc/an26000_.htm\\nWe create the execution group ITSOHealth on brokers ESB01 and ESB02. Example 5-27 \\nand Example 5-28 shows the commands to be executed on the brokers.\\nExample 5-27   Create execution group ITSOHealth on ESB01\\n>mqsicreateexecutiongroup ESB01 -e ITSOHealth\\nExample 5-28   Create execution group ITSOHealth on ESB02\\n>mqsicreateexecutiongroup ESB02 -e ITSOHealth\\nFigure 5-43 shows the execution group ITSOHealth created on Broker ESB01.\\nFigure 5-43   Execution gro up ITSOHealth on broker ESB01\\nCreate and configure a message flow\\nWe start by creating a new application, but before that, we launch the WebSphere Message \\nBroker v8.0.0.0 toolkit, as described in the following procedure.\\n1. On the server esbo1.itso.ibm.com , select Start\\uf0ae\\uf020All Programs \\uf0ae IBM WebSphere \\nMessage Broker toolkit \\uf0ae and click WebSphere Message Broker toolkit 8.0  to launch \\nthe Eclipse GUI.\\n2. In the workspace wizard, enter the workspace location and click OK.\\n3. After the workspace is launched, close the Welcome  tab and enter in “Broker application \\ndevelopment perspective.”\\n Chapter 5. Health Insurance scenario 1574. Figure 5-44 illustrates the broker development vi ew in the top left co rner of the Broker \\napplication development  perspective. Click New Application to open a new application \\nwizard.\\nFigure 5-44   Create new message broker application project\\n5. Figure 5-45 shows the New Application wizard. Enter the application name as \\n“HealthCareESB” and then click Finish .\\nFigure 5-45   Create new application\\n 158 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions6. Figure 5-46 shows the new message broker application project Heal thCareESB created in \\nthe broker development view. Click New\\uf0ae Message Flow .\\nFigure 5-46   Create new message flow\\n Chapter 5. Health Insurance scenario 1597. Figure 5-47 shows the New Message Flow creation wizard. Enter the message flow name \\n“HIPAA837” and then click Finish .\\nFigure 5-47   Create HIPAA837 message flow for SI and backend integration\\n8. Figure 5-48 shows the message flow editor for message flow HIPAA837. We now proceed \\nby dragging and dropping the nodes in Table 5-2.\\nFigure 5-48   Create HIPAA837 message flow functionality\\n 160 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsTable 5-2 lists the node types to be dragged from the pallet and then renamed to the \\ncorresponding node name in the message flow editor area.\\nTable 5-2   Nodes in message flow HIPAA837\\nTable 5-3 shows the terminals used to connect the nodes listed in Table 5-2.\\nTable 5-3   Connection between nodes\\n9. After the nodes are renamed and connected using the details mentioned in Table 5-2 and \\nTable 5-3, the connected nodes message flow should look similar to Figure 5-49.\\nFigure 5-49   Connected nodes in message flow HIPAA837\\n10.Configure the properties of the nodes as shown in Table 5-4.\\nTable 5-4   Node propertiesNode name Node type\\nHIPAA837IN MQInput Node\\nXML To Legacy WTX NodeHEALTH_BACKEND MQOutput Node\\nSource node Output terminal Destination node Input terminal\\nHIPAA837IN Out XML To Legacy in\\nXML To Legacy out1 v in\\nNode name Property name Property value\\nHIPAA837IN Queue name HEALTH.B2B.ESB.REQUEST\\nXML To Legacy Local compiled map <external path to map>/837Canonical_toLegacy.mmc\\nMap server location <external path to map>/837Canonical_toLegacy.mmcInput card 1Output card 1\\nHEALTH_BACKEND Queue name\\nHEALTH.B2B.ESB.BACKEND Chapter 5. Health Insurance scenario 161Save the flow, and proceed to create the broker archive (BAR) file for deployment.\\nMap properties: The message flow derives the WTX map properties from different \\nsources, and does the search for the properties in the order listed:\\n1. Run time:/SM590000Source: LocalEnvironment\\n/SM590000Override the map server location and input card to wire map properties at run time in \\nthe LocalEnvironment.\\n/SM590000For information about how the LocalEnvironment works, see the related topics in the \\nWebSphere Message Broker product documentation that is published on the WebSphere Message Broker Library Web page: http://www.ibm.com/software/integration/wbimessagebroker/library\\n2. Deploy time:\\n/SM590000Source: broker archive (bar) file\\n/SM590000Override the cache map, map name, map server location, and input card to wire map \\nproperties at deploy time in the bar file using the Configure tab of the Properties view, which is under the Manage tab in the Broker Archive editor.\\n3. Design time:\\n/SM590000Source: WTX Map node\\n/SM590000Override the map and card properties at design time in the Map Settings tab of the \\nWTX Map node.\\nAt run time, override the following map properties by using the WebSphere Message \\nBroker LocalEnvironment tree from a prior node in the message flow, such as a Compute node, which can change the LocalEnvironment to override parameters in the tree that is passed to the WTX Map node:\\ndynamicMap property:\\nLocalEnvironment tree path:  LocalEnvironment.WTX.DynamicMap\\nPurpose: Y ou can override a WebSphere Transformation Extender map by populating the \\nWebSphere Message Broker local environment tree with the binary data of a compiled map, stored, for example, in WebSphere Service Registry and Repository (WSRR). \\nResult:  When a compiled map is stored in WSRR, you can use a node such as the \\nWebSphere Message Broker Compute node, Java Compute node, or RegistryLookup node to populate the local environment tree with the binary data of the compiled map. A compiled map in the local environment tree overrides both a dynamic path to a map in the local environment tree\\nMapServerLocation property\\nLocalEnvironment tree path:  LocalEnvironment.WTX.MapServerLocation\\nPurpose:  To run the compiled map located in a different location than the location \\nconfigured on the WTX Map node.\\nResult:  WebSphere Message Broker overrides the map server location with the location \\nyou specified in the LocalEnvironment tree, and the WTX Map node runs the map from this location instead. 162 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsDeploy a message flow\\nPrior to deployment, a broker archive (BAR) file should be created to compile the message \\nflow. Use the following procedure.\\n1. Create a new BAR file as shown in Figure 5-50.\\nFigure 5-50   Create new BAR fileNote continued:  (WTX map properties)\\nCardNumberToWire propertyLocalEnvironment tree path: LocalEnvironment.WTX.InputCardNumberToWire\\nPurpose: To specify which input card of the map should be wired.\\nResult:  The specified map input card receives its data from the prior node in the message \\nflow.\\n Chapter 5. Health Insurance scenario 1632. The New BAR file wizard open s. Enter the BAR file name as “HealthCareESB” and click \\nFinish. Figure 5-51  shows the New BAR file wizard.\\nFigure 5-51   New BAR file wizard\\n3. After the BAR file is created, it opens in the BAR file editor , as shown in Figure 5-52. Click \\nthe Prepare  tab in this editor and se lect the HealthCareESB application to be compiled in \\nthis BAR file.\\nFigure 5-52   Select application in BAR file editor\\n 164 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions4. Figure 5-53 shows how to build the BAR file. Click the Manage  tab and then click the \\nRebuild  button. If there are no compilation errors, the BAR file is built. Save the BAR file \\nbefore deployment.\\nFigure 5-53   Build the BAR \\n5. After the BAR file is  created, deploy it on broker ESB01 on esb01.itso.ibm.com  and \\nESB02 on esb02.itso.ibm.com . Drag and drop the BAR file on execution group \\nHealthCareESB on broker ESB0 1. Figure 5-54 shows the app lication deployed on the \\nexecution group. Transfer the BAR file to esb02.itso.ibm.com  and deploy it on broker \\nESB02. \\nFigure 5-54   Message flow deployed on execution group ITSOHealth\\nThe next main step is to perfor m the complete integration testing.\\n Chapter 5. Health Insurance scenario 1655.5  Testing the scenario\\nNow that the various applications are configured properly, it is time to test the integration of \\nthese systems. We need to track the message from the receipt at Sterling Secure Proxy \\nthrough to the eventual delivery as the output from WebSphere Message Broker to the backend system.\\nIn order to demonstrate this integration scenario, we track the delivery, receipt, and \\nprocessing of a single Health  Care Claim (HIPAA EDI 837) as it moves through the system. \\nWe view the original message, as received from the trading partner, and then we review the intermediate documents that are prepared by the various transformations. We end with the final document delivered to the backend application. We also briefly look at the acknowledgement (EDI 999) that is returned to the trading partner to confirm receipt of the message and detail any compliance errors.\\n5.5.1  Original message\\nThe process is initiated by our fictitious trading partner, ITSORetail Corporation, creating a Health Care Claim (HIPAA EDI 837 ) request on behalf of a client. This request is formatted \\nproperly, and is then transmitted by the AS2 protocol by the public Internet, until it finally connects to our Sterling Secure Proxy engine in the DMZ.\\nExample 5-29 is the example message we are using in this test.\\nExample 5-29   Example HIPAA EDI 837 message\\nISA*00*          *00*          *ZZ*HEALTHCARE_DEV *ZZ*HEALTHCARE_PS  \\n*070612*1041*^*00501*000000001*0*T*:GS*HC*DEVELOPMENT*PROFSERV*20070612*1041*42*X*005010X222A1ST*837*1323*005010X222A1BHT*0019*00*244579*20061015*1023*CHNM1*41*2*PREMIER BILLING SERVICE*****46*TGJ23PER*IC*JERRY JAMES*TE*3055552222*EX*231NM1*40*2*KEY INSURANCE COMPANY*****46*66783JJTHL*1**20*1PRV*BI*PXC*203BF0100YNM1*85*2*BEN SANGFORD SERVICE*****XX*9876543210N3*234 SEAWAY STN4*MIAMI*FL*33111REF*EI*587654321NM1*87*2N3*2345 OCEAN BLVDN4*MAIMI*FL*33111HL*2*1*22*1SBR*P**2222-SJ******CINM1*IL*1*SMITH*JANE****MI*JS00111223333NM1*PR*2*KEY INSURANCE COMPANY*****XV*999996666N4*MAIMI*FL*33111REF*FY*KA6663HL*3*2*23*0PAT*19NM1*QC*1*LARKINS*THEODOREN3*236 N MAIN STN4*MIAMI*FL*33413DMG*D8*19730501*M 166 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsCLM*26463774*100***11:B:1*Y*A*Y*I\\nREF*D9*17312345600006351HI*BK:0340*BF:V7389LX*1SV1*HC:99213*40*UN*1***1DTP*472*D8*20061003LX*2SV1*HC:87070*15*UN*1***1DTP*472*D8*20061003LX*3SV1*HC:99214*35*UN*1***2DTP*472*D8*20061010LX*4SV1*HC:86663*10*UN*1***2DTP*472*D8*20061010SE*42*1323ST*837*1324*005010X222A1BHT*0019*00*0123*19981015*1023*RPNM1*41*1*PREMIER*BILLING SERVICE****46*TGJ23PER*IC*BRENT RICE*TE*3055552222*EX*231PER*IC*TERRY SPANGLER*TE*3055552222*EX*231NM1*40*2*REPRICER SERVICES INC*****46*66783JJTHL*1**20*1PRV*BI*PXC*207Q00000XCUR*85*CADNM1*85*1*PREMIER BILLING SERVICEN3*234 SEAWAY STN4*TAMPA*FL*33111REF*SY*888555222NM1*87*2N3*2345 OCEAN BLVDN4*MIAMI*FL*33111HL*2*1*22*0SBR*P*18*12312A******HMPAT*****D8*19970314NM1*IL*1*OWENS*TED****MI*000221111N3*236 N MAIN STN4*MIAMI*FL*33413DMG*D8*19430501*MNM1*PR*2*ALLIANCE HEALTH AND LIFE INSURANCE*****XV*741234N4*KANSAS CITY*MO*64108CLM*26462967*100***11:B:1*Y*A*Y*Y*P*EMDTP*431*D8*19981003DTP*439*D8*20070106PWK*03*BM***AC*DMN0012PWK*04*EL***AC*DMN0012PWK*05*EM***AC*DMN0012PWK*06*FX***AC*DMN0012PWK*07*FT***AC*DMN0012PWK*08*AAPWK*09*AAPWK*11*AAPWK*13*AAPWK*15*AAREF*D9*17312345600006351 Chapter 5. Health Insurance scenario 167NTE*ADD*NOTE TEST\\nHI*BK:0340*BF:V7389NM1*82*1*KILDARE*BEN****XX*112233334PRV*PE*PXC*203BF0100YNM1*77*2*ABC CLINIC*****XX*581234567N3*2345 OCEAN BLVDN4*MIAMI*FL*33111LX*1SV1*HC:99213*40*UN*1***1PWK*BT*BM***AC*DMN0012PWK*CB*EL***AC*DMN0012PWK*CK*EM***AC*DMN0012PWK*CT*FX***AC*DMN0012PWK*D2*FT***AC*DMN0012PWK*DA*AAPWK*DB*AAPWK*DG*AAPWK*DJ*AAPWK*DS*AADTP*472*D8*19981003LX*2SV1*HC:99214*15*UN*1***1PWK*03*BM***AC*DMN0012PWK*04*EL***AC*DMN0012PWK*05*EM***AC*DMN0012PWK*06*FX***AC*DMN0012PWK*07*FT***AC*DMN0012PWK*08*AAPWK*09*AAPWK*11*AAPWK*13*AAPWK*15*AADTP*472*D8*19981003LX*3SV1*HC:87072*35*UN*1***2PWK*21*BM***AC*DMN0012PWK*A3*EL***AC*DMN0012PWK*A4*EM***AC*DMN0012PWK*AM*FX***AC*DMN0012PWK*AS*FT***AC*DMN0012PWK*B2*AAPWK*B3*AAPWK*B4*AAPWK*BR*AAPWK*BS*AADTP*472*D8*19981003LX*4SV1*HC:86663*10*UN*1***2PWK*EB*BM***AC*DMN0012PWK*HC*EL***AC*DMN0012PWK*HR*EM***AC*DMN0012PWK*I5*FX***AC*DMN0012PWK*IR*FT***AC*DMN0012PWK*LA*AAPWK*M1*AA 168 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsPWK*MT*AA\\nPWK*NN*AAPWK*OB*AADTP*472*D8*19981010SE*99*1324GE*2*42IEA*1*000000001\\n5.5.2  Delivery to Sterling File Ga teway and routing of the message\\nSterling Secure Proxy confirms the identification of the sender, and if correct, then it routes \\nthe message to our Sterling B2B Integrator for processing by the standard AS2 business processes.\\nSterling B2B Integrator receives an HTTP POST message on the URI defined for inbound AS \\ncommunications, and this in turn initiate s the EDIIntParse business process, which \\ninterrogates the message and retrieves the required values from the configured AS2 Partner profile by several sub-processes.\\nAfter Sterling B2B Integrator confirms the values and the message, it then deposits this \\nmessage in the /AS2/ITSOHealthcare/ITSORetail/Inbound  mailbox for Sterling File Gateway \\nto route. It also sends a properly formatted MDN back to the partner, by Sterling Secure Proxy, to indicate successful receipt of the inbound message.\\nBecause Sterling File Gateway has a Routing Rule that runs on all defined producer \\nmailboxes continuously, the message placed in the /AS2/ITSOHealthcare/ITSORetail/Inbound  mailbox is seen and routed to the \\n/ITSORetail/Inbox  almost immediately upon arrival.\\nFigure 5-55 on page 168 shows the routed message (highlighted) with some of the details of \\nthe route also displayed.\\nFigure 5-55   Successful route of the HIP AA EDI 837 message in Sterling File Gateway\\n Chapter 5. Health Insurance scenario 169As mentioned previously, Sterling File Gateway places the message in the mailbox \\n/ITSORetail/Inbox , which prepares it for the next proc essing step, which will now proceed in \\nSterling B2B Integrator.\\n5.5.3  Processing of the message in Sterling B2B Integrator\\nFigure 5-56 shows the mailbox /ITSORetail/Inbox  prior to the next step in the processing of \\nthe message.\\nFigure 5-56   Mail /ITSORetail/Inbox prior to the Routing Rule running\\nBecause of the routing rule configured to watch this mailbox, the system detects the message after it is placed in the mailbox and then trigger the business process EDIInboundBootstrap.\\nThis business process extracts the message from the /ITSORetail/Inbox  mailbox and then, \\nas part of the process, invoke the EDIDee nvelope business process, which is another \\nprocess that is shipped as a standard part of Sterling B2B Integrator.\\n 170 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-57 shows the steps of a successful execution of the business process.\\nFigure 5-57   Successful execution of EDIInboundBootstrap\\nThis service then invokes the X12Deenvelop eUnified business process, which does the \\nactual de-enveloping of the message, and the compliance check and initial transformation to the canonical format.\\n Chapter 5. Health Insurance scenario 171Figure 5-58 is the successful execution of the X12DeenvelopeUnified business process, \\nwhich in turn invokes the next process in the chain.\\nFigure 5-58   Successful execution of X12DeenvelopeUnified\\nThe X12DeenvelopeUnified business process co mpletes the de-enveloping of the message, \\ngenerates the acknowledgement, and finally triggers the last business process in the chain, which will finally send the messa ge on to the WebSphere MQ queue for further processing.\\n 172 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-59 shows successful execution of the business process ITSOHealthCare_MQSend, \\nwhich completes this portion of the test.\\nFigure 5-59   Successful execution to move the message to the WebSphere MQ queue\\n5.5.4  Processing of the mess age in WebSphere Message Broker\\nAfter the broker picks the inbound 837 message up from the queue, it then routes the \\nmessage to a WTX map node and converts the XML message in backend legacy format. Example 5-30 illustrates the incoming XML me ssage which will be transformed in legacy \\nformat, as shown in Example 5-31 on page 175.\\nExample 5-30   Excerpt of the canonical xml after transformation from HIPAA 837\\n<CMS_837P_5010A1_XML><Interchange><ISA><Record_Identifier_84><Loop_Id></Loop_Id><Loop_Seq_Num></Loop_Seq_Num><Segment_Id>ISA</Segment_Id><Segment_Seq_Num>1</Segment_Seq_Num></Record_Identifier_84><AUTH_INFO_QUAL>00</AUTH_INFO_QUAL><AUTH_INFO></AUTH_INFO>\\n Chapter 5. Health Insurance scenario 173<SEC_INFO_QUAL>00</SEC_INFO_QUAL>\\n<SEC_INFO></SEC_INFO><INTRCHG_ID_QUAL>ZZ</INTRCHG_ID_QUAL><INTRCHG_SENDR_ID>HEALTHCARE_DEV</INTRCHG_SENDR_ID><INTRCHG_ID_QUAL2>ZZ</INTRCHG_ID_QUAL2><INTRCHG_RECVR_ID>HEALTHCARE_PS</INTRCHG_RECVR_ID><INTRCHG_DATE>2007-06-12T00:00:00</INTRCHG_DATE><INTRCHG_TIME>10:41:00</INTRCHG_TIME><REPITION_SEPARATOR>^</REPITION_SEPARATOR><INTRCHG_CTRL_VERS_NO>00501</INTRCHG_CTRL_VERS_NO><INTRCHG_CTRL_NO_286>1</INTRCHG_CTRL_NO_286><ACK_REQ>0</ACK_REQ><USAGE_IND>T</USAGE_IND><COMP_ELE_SEP>:</COMP_ELE_SEP></ISA><Functional_Group><GS><Record_Identifier_84><Loop_Id></Loop_Id><Loop_Seq_Num></Loop_Seq_Num><Segment_Id>GS</Segment_Id><Segment_Seq_Num>1</Segment_Seq_Num></Record_Identifier_84><FUNCT_ID_CD>HC</FUNCT_ID_CD><APP_SENDR_CD>DEVELOPMENT</APP_SENDR_CD><APP_RECVR_CD>PROFSERV</APP_RECVR_CD><FUNCTIONAL_GROUP_DATE>2007-06-12T00:00:00</FUNCTIONAL_GROUP_DATE><FUNCTIONAL_GROUP_TIME>10:41:00</FUNCTIONAL_GROUP_TIME><GRP_CTRL_NO_272>42</GRP_CTRL_NO_272><RESP_AGENCY_CD>X</RESP_AGENCY_CD><VERS_ID_CD>005010X222A1</VERS_ID_CD></GS><DATE_TRANSMISSION_RECEIPT><Record_Identifier_84><Loop_Id></Loop_Id><Loop_Seq_Num></Loop_Seq_Num><Segment_Id>DTP</Segment_Id><Segment_Seq_Num>1</Segment_Seq_Num></Record_Identifier_84><DATE_TIME_QUAL_202>+RC</DATE_TIME_QUAL_202><DATE_TIME_PERIOD_FORMAT_QUAL_201>D8</DATE_TIME_PERIOD_FORMAT_QUAL_201><TRANSMISSION_RECEIPT_DATE>2007-06-12T00:00:00</TRANSMISSION_RECEIPT_DATE></DATE_TRANSMISSION_RECEIPT><CLAIM_SOURCE_INDICATOR><Record_Identifier_84><Loop_Id></Loop_Id><Loop_Seq_Num></Loop_Seq_Num><Segment_Id>REF</Segment_Id> 174 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions<Segment_Seq_Num>1</Segment_Seq_Num>\\n</Record_Identifier_84><REF_ID_QUAL_354>+PR</REF_ID_QUAL_354><CLAIM_SOURCE_INDICATOR>O</CLAIM_SOURCE_INDICATOR></CLAIM_SOURCE_INDICATOR><Transaction_Set><ST><Record_Identifier_84><Loop_Id></Loop_Id><Loop_Seq_Num></Loop_Seq_Num><Segment_Id>ST</Segment_Id><Segment_Seq_Num>1</Segment_Seq_Num></Record_Identifier_84><TRANS_SET_ID_CD>837</TRANS_SET_ID_CD><TRANS_SET_CTRL_NO_385>1323</TRANS_SET_CTRL_NO_385><IMPL_GUIDE_VERSION_NAME>005010X222A1</IMPL_GUIDE_VERSION_NAME></ST>...</Service_Line></Claim_424></Subscriber_HL></Provider_HL><SE><Record_Identifier_84><Loop_Id></Loop_Id><Loop_Seq_Num></Loop_Seq_Num><Segment_Id>SE</Segment_Id><Segment_Seq_Num>1</Segment_Seq_Num></Record_Identifier_84><TRANS_SEGMENT_COUNT>99</TRANS_SEGMENT_COUNT><TRANS_SET_CTRL_NO_385>1324</TRANS_SET_CTRL_NO_385></SE></Transaction_Set><GE><Record_Identifier_84><Loop_Id></Loop_Id><Loop_Seq_Num></Loop_Seq_Num><Segment_Id>GE</Segment_Id><Segment_Seq_Num>1</Segment_Seq_Num></Record_Identifier_84><NO_OF_TRANS_SETS_INCLUDED>2</NO_OF_TRANS_SETS_INCLUDED><GRP_CTRL_NO_272>42</GRP_CTRL_NO_272></GE></Functional_Group><IEA><Record_Identifier_84><Loop_Id> Chapter 5. Health Insurance scenario 175</Loop_Id>\\n<Loop_Seq_Num></Loop_Seq_Num><Segment_Id>IEA</Segment_Id><Segment_Seq_Num>1</Segment_Seq_Num></Record_Identifier_84><NO_OF_INCLUDED_FUNCT_GRPS>1</NO_OF_INCLUDED_FUNCT_GRPS><INTRCHG_CTRL_NO_286>1</INTRCHG_CTRL_NO_286></IEA></Interchange></CMS_837P_5010A1_XML>\\nAfter the broker receives the canonical structure back from the map, it then routes the \\ncanonical message to the appropriate target. In this scenario, there is only one targeted backend application for the canonical message, but in real world scenarios, there could be other backend systems and services that also use the canonical message as input.\\n5.5.5  Final message delivery to backend application\\nExample 5-31 on page 175 shows the result of transforming the canonical xml message into the target backend format. In this scenario, the target format is a message containing fixed length header and detail records. \\nExample 5-31   Target backend format\\n201201161222548590000000000000000001|42|1323|9876543210|JS00111223333|JS00111223333|1|P||||OPEN|A|ZZ|HEALTHCARE_DEV|ZZ|HEALTHCARE_PS|2007-06-12|10:41:00|00501||100|4|TGJ23|||26463774|999996666||||||||||||||||1|0340201201161222550150000000000000000001|42|1324||000221111|000221111|1|P||||OPEN|A|ZZ|HEALTHCARE_DEV|ZZ|HEALTHCARE_PS|2007-06-12|10:41:00|00501|112233334|100|4|TGJ23|||26462967|741234||||1|XX|112233334||||KILDARE||||||1|0340\\nAfter the message is successfully delivered to our backend application, the scenario ends \\nwith the understanding that additional processing needs to occur in our backend application on the message.\\n5.5.6  Delivery of the acknowledgement to the trading partner\\nAs part of the de-enveloping of the HIPAA EDI 837 message in 5.5.3, “Processing of the message in Sterling B2B Integrator” on page 169, one of the steps in the X12DeenvelopeUnified process was to create an acknowledgement for the message.\\nIn this scenario, we return an EDI 999 message to the trading partner. The EDI 999 works \\nmuch like the more common EDI 997, but also details any compliance errors that are discovered in the original message.\\nWhen the de-envelope runs, it invokes the process EDIEnvelopeUnified, which uses the \\ndefined envelopes to prepare the EDI 999 message for transmission back to the trading partner. As part of this enveloping, it also deposits the message into the /ITSORetail  mailbox, \\nand from there, Sterling File Gateway routes the resulting message, by AS2, to the trading partner. 176 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsExample 5-32 is the example EDI 999 that is returned to our trading partner when processing \\nthe example HIPAA EDI 837 message.\\nExample 5-32   Example EDI 999 message.\\nISA*00*          *01*          *ZZ*HEALTHCARE_PS  *ZZ*HEALTHCARE_DEV *120118*1051*^*00501*000000007*0*T*:~GS*FA*DEVELOPMENT*PROFSERV*20120118*1051*17*X*005010~ST*999*0001~AK1*HC*42*005010X222A1~AK9*E*2*2*2~SE*4*0001~GE*1*17~IEA*1*000000007~\\n5.6  Conclusion\\nThis scenario demonstrates the integration of several IBM products into what appears to be, at first glance, a fairly simple inbound flow of messages, with a corresponding return message to our partner if the message is not compliant.\\nHowever, even this simple flow can dramatically reduce the processing time and resources \\nneeded to deal with the messages in question. By automating this processing, we can improve overall throughput and reduce wait times on the trading partner’s end, while also taking advantage of streamlined processing and reduced workloads on the staff of the company implementing this solution.\\nThis scenario is only one possible use of the interaction of the systems in question, and could \\nbe expanded upon to deal with any number of different requirements for the quick processing of messages between two trading partners.\\nIn particular, the integration of these various systems could provide an example to a company \\nthat only has part of these systems currently deployed. This scenario shows the simplicity of connecting these systems into an  integrated whole, and as ment ioned, this scenario can be \\nexpanded upon to deal with messages of nearly any type. © Copyright IBM Corp. 2012. All rights reserved. 177Chapter 6. Financial Services scenario\\nThis chapter provides a sample scenario involving two companies: a company acting as a \\nseller, another playing the role of the buyer, and a financial institution, a bank. The bank acts as an intermediary and processes the payment on behalf of the buyer and also responds back to the seller to acknowledge that the payment has been processed correctly. \\nThe seller sends an invoice in a proprietary flat file to the buyer, then the buyer receives and \\ntransforms the document into XML format and routes it to the bank. The bank processes the file internally to accomplish the payment and then sends a copy of the XML file back to the seller as an acknowledgement of the payment received. See also Figure 6-4 on page 181.\\nWe assume that the bank internal processing of the payment is accomplished by an existing \\ninternal processing system. So our scenario demonstrates the file routing and transformation within a circular flow that starts from the seller,  goes to the buyer, and from here to the bank. \\nThe process ends when the bank delivers an acknowledgement file back to the seller. \\nA second scenario in this chapter extends the above scenario to demonstrate the integration \\nof Sterling B2B Integrator with WebSphere Message Broker. \\nThis chapter includes the following sections:\\n/SM5900006.1, “Business value” on page 178\\n/SM5900006.2, “Prerequisites: Technical and infrastructure” on page 178\\n/SM5900006.3, “Presenting the Financial Services scenario” on page 181\\n/SM5900006.4, “Configuring the scenario” on page 185\\n/SM5900006.5, “Testing the scenario” on page 235\\n/SM5900006.6, “Extended scenario” on page 238\\n/SM5900006.7, “Conclusion” on page 2596\\nTip: If you want to implement the scenario presented in this chapter in your own \\nenvironment, you can download the Project Interc hange file for the applications used in this \\nscenario from the ITSO FTP site. For download instructions, see Appendix A, “Additional material” on page 333. 178 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions6.1  Business value\\nIBM provides comprehensive integration solutions that help you optimize your dynamic \\nbusiness network. Implementing this Financia l scenario leads to the following business \\nvalues: \\n/SM590000Improve business agility  by securely and flexibly integr ating with any partner, any system, \\nanywhere. It is crucial to making vital connections with customers, suppliers, and others in your B2B community.\\n/SM590000\\nImprove operational efficiency  by seamlessly automating manual business and IT \\nprocesses inside and outside your enterprise. Thus it saves you staff, time, and money, which can be used to grow your business in other key areas.\\n/SM590000\\nImprove business performance  by providing visibility into actionable information across \\nyour key business and IT processes.\\n/SM590000Empower data movement  by providing assured file delivery with  visibility, control, and \\ngovernance for all data movement.\\n6.2  Prerequisites: Technical and infrastructure\\nY ou need to meet the following prerequisites in order to understand and implement this scenario.\\n6.2.1  Software prerequisites\\nThe implementation of this scenario is based on the following products that therefore need to be installed in order to implement this solution:\\n/SM590000IBM Sterling B2B Integrator version 5.2.3\\n/SM590000IBM Sterling File Gateway version 2.2.3\\n/SM590000IBM Sterling Connect:Direct version 4.6\\n/SM590000IBM Sterling Connect:Direct File Agent version 1.4\\n/SM590000IBM Sterling Secure Proxy version 3.4\\n/SM590000IBM Sterling Control Center version 5.3\\n/SM590000IBM WebSphere Transformation Extender Design Studio version 8.4\\n/SM590000IBM WebSphere Transformation Extender for Integration Servers version 8.4 Chapter 6. Financial Services scenario 179Figure 6-1 illustrates the configur ation details for the environment used in the buyer network \\nfor this scenario.\\nFigure 6-1   Buyer system configuration\\nFigure 6-2 illustrates the configuration details fo r the environment used in the seller company \\nfor this scenario.\\nFigure 6-2   Seller system configurationBuyer\\nsystem configuration\\nServer 2\\nsi01.itso.ibm.com\\nIBM Sterling B2B\\nIntegrator \\nIBM Sterling File\\nGateway\\nServer 1\\nssp01.itso.ibm.com\\nIBM Sterling\\nSecure Proxy\\nServer 3\\nscc01.itso.ibm.com\\nIBM Sterling\\nControl Center\\nDMZ Secure\\nSeller\\nsystem configuration\\nServer\\ncd01.itso.ibm.com\\nIBM Sterling Connect:Direct 180 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-3 illustrates the configur ation details for the environmen t used in the bank for this \\nscenario.\\nFigure 6-3   Bank system configuration\\n6.2.2  Skills prerequisites\\nIn order to fully implement and understand this scenario, we as sume that you are familiar with \\nthe following activities:\\n/SM590000Installing and configuring IBM Sterling Secu re Proxy to communicate with Sterling B2B \\nIntegrator, Sterling File Gateway, and Sterling Connect:Direct.\\n/SM590000Installing and configuring IBM Sterling File  Gateway to receive, handle, and route \\nmessages.\\n/SM590000Installing and configuring IBM St erling Connect:Direct and its F ile Agent to send, receive, \\nand automatically route messages.\\n/SM590000Installing and configuring IBM St erling B2B Integrator  to receive, handle, translate, and \\nsend messages.\\n/SM590000Installing and configuring IBM WebSphere Tran sformation Extender Design Studio V8.4. \\nThis map design tool is used to develop the map used to translate and transform data to \\nthe desired format.\\n/SM590000Installing and configuring IBM WebSphere Tr ansformation Extender for Integration \\nServers V8.4. It is the runtime engine that allows execution of the WebSphere Transformation Extender map on Sterling B2B Integrator.\\nBank\\nsystem configuration\\nServer\\ncd02.itso.ibm.com ALIAS fa01.itso.ibm.com\\nIBM Sterling Connect:Direct\\nIBM Sterling File Agent Chapter 6. Financial Services scenario 1816.3  Presenting the Financial Services scenario\\nThis section provides an overview of the data flow for the scenario described in Figure 6-4. \\nFigure 6-4   Payment Process\\nFor this particular scenario, we are implementing a sample flow that can be described by the \\nfollowing steps: \\n1. The seller sends an invoice in a flat file to the buyer by http protocol using the web \\ninterface IBM Sterling myFileGateway. The file is uploaded to a dedicated seller mailbox on the Sterling File Gateway server installed at the buyer side, and the connection is secured through Sterling Se cure Proxy (Figure 6-5). \\nFigure 6-5   myFileGateway file upload\\n 182 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions2. The buyer receives the invoice on the seller mailbox, and kicks off a Business Process. It \\ngenerates and sends the payment to the bank in XML format using the WTX Map service first for generating the XML file, and then the Co nnect:Direct protocol to send it to the bank \\n(Figure 6-6). \\nFigure 6-6   Business Process with WTX Map service\\n3. The bank receives the payment on its Connect:Direct server, then processes it on their \\nlegacy systems and sends a copy of the XML file to the selle r by Connect:Direct as an \\nacknowledgement of the payment received. The latter is automated by mean of the File Agent, which is monitoring the Connect:Dir ect directory where the file comes in, \\nand kicks off a Connect:Direct process to send the acknowledgement to the seller. See Figure 6-7 and Figure 6-8. \\n Chapter 6. Financial Services scenario 183Figure 6-7   Connect:Direct bank’s node: CDNODE\\nFigure 6-8   IBM Sterling Connect:Direct File Agent\\n 184 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions4. The buyer has a Control Center instance to monitor all of the communications \\n(Figure 6-9).\\nFigure 6-9   IBM Sterling Control Center\\n6.3.1  Alternate scenarios\\nIn step 2 on page 182, we described the use of the WTX Map service for the translation. The WTX Map service requires you to install WebSphere Transformation Extender V8.4 on the same machine as the Sterling B2B Integrator V5.2.3 Server, and configure the Sterling B2B Integrator PATH and CLASSPATH to point to your WebSphere Transformation Extender installation.\\nIt is a very interesting point that shows how Sterling B2B Integrator integrates with \\nWebSphere Transformation Extender seamlessly and effectively. \\nHowever, Sterling B2B Integrator includes a number of embedded translation services such \\nas the proprietary Translation service. So of course it is also possible to modify the scenario described in 6.3, “Presenting the Financial Services scenario” on page 181, and for instance, to use the embedded Translation service instead of the WTX Map service as depicted in Figure 6-10.Tip: We are demonstrating only a single invoice transaction flow in this section. In most \\ncases, a real financial service scenario contains multiple transactions that represent a full conversation. For example, a buyer sends a purchase order. The seller can respond with an advanced shipping notice and an invoice that is related to the order that was received, then a delivery notice after the payment, and so on.\\n Chapter 6. Financial Services scenario 185Figure 6-10   Business Process with Translation service\\nThis map shows another interesting aspect of the integration between Sterling B2B Integrator \\nand WebSphere Transformation Extender. The same map used to translate the document by the WTX Map service is reusable to perform the transformation through the embedded Translation Service.\\n6.4  Configuring the scenario\\nThis section illustrates the insta llation parameters for the pro ducts needed to implement this \\nscenario (listed in 6.2.1, “Software prerequisites” on page 178) and their configurations.\\n6.4.1  Installing and configuring the IBM Sterling B2B Integrator\\nTable 6-1 shows the parameters used to install the product on a Windows server in the secure zone of the buyer company network.\\nTable 6-1   IBM Sterling B2B Integrator installation parameters Tip: WTX Map service provides more flex ibility with the WebSp here Transformation \\nExtender maps. For example, the WTX Map service supports multiple inputs and/or outputs, but the Translation service does not.\\nParameter name Value\\nInstallation Directory C:\\\\IBM\\\\SIJDK directory C:\\\\Program Files\\\\Java\\\\jdk1.6.0_26\\nJCE jar file C:\\\\Users\\\\IBM_ADMIN\\\\Desktop\\\\unrestricted.zip\\nInstall jar C:\\\\Users\\\\IBM_ADMIN\\\\Desktop\\\\SI_5020300.jarIP address localhost\\nInitial port 8080 186 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsSpecial considerations\\nThe following considerations apply:\\n/SM590000The installation directory is the location where SI needs to be installed. Make sure that no \\nspace is given in the folder location.The installation assumes the presence of a DB2 database for Sterling B2B Integrator. If you do not have DB2 installed, follow the procedures in the DB2 Installation Manual  at this website:\\nhttp://public.dhe.ibm.com/ps/products/db2/info/vr97/pdf/en_US/DB2InstallingServ\\ners-db2ise972.pdf\\n/SM590000During the pre-installation phase of Sterling B2B Integrator, a DB connectivity test is \\nrequired. Note that it is mandatory and, un less completed successfully, the installation \\ndoes not start.\\nFigure 6-11   DB2 Error messagePassphrase *********\\nE-Mail address administrator@mail.itso.ibm.comSMTP Mail Server localhostDatabase Vendor DB2\\nDatabase user name si\\nDatabase password *********Database catalog name SI52\\nDatabase host db2.itso.ibm.com\\nDatabase port 50000Database driver C:\\\\db2jcc.jar\\nC:\\\\db2jcc_license_cu.jar\\nImportant:  The installation script creates tables and indexes. Certain tables require a \\npage size of 32K. Y ou must have a table space to accommodate such tables on DB2. If you \\ndon not create a table space on DB2, you get the installation failure shown in Figure 6-11.Parameter name Value\\n Chapter 6. Financial Services scenario 187Before installing the pr oduct on your environm ent, for more informat ion, check the Sterling \\nB2B Integrator 5.2.3 documentation with special attention to the “System Requirements” section and the Installation Guide  available at this website:\\nhttp://help.sterlingcommerce.com/SB2BI52/index.jsp\\nConfiguring IBM Ster ling B2B Integrator\\nWe need to implement a Sterling B2B Integrator Business Process to extract the message \\nfrom the mailbox to which the seller uploads the invoice, then to translate the message into \\nXML and route it to the bank by the Connect:Direct protocol. Optionally, a copy of the same XML content can be sent as a message to a WebSphere MQ queue manager for further processing in the buyer enterprise service bus. It is discussed in more detail as a possible extension of the Financial Services scenario in 6.6, “Extended scenario” on page 238.\\nIn order to use the Connect:Direct services in Sterling B2B Integrator, we need to configure a \\nConnect:Direct Server Adapter instance first, which in its turn requires to configure the Nodes, to define a Netmap and the Netmap Cross Reference.\\nFigure 6-12 and Figure 6-13 illustra te the configurations for t he Nodes, the Netmap, and the \\nNetmap Cross Reference used for the subsequent Connect:Direct Server Adapter configuration.\\nFigure 6-12   Connect:Direct nodes\\n 188 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-13   Connect:Direct Netmap\\nFigure 6-14   Connect:Direct Netmap Cross Reference\\n Chapter 6. Financial Services scenario 189Table 6-2 illustrates the parameters used for the Connect:Direct Server Adapter \\nConfiguration. It includes th e parameters used to config ure the nodes illustrated in \\nFigure 6-12 on page 187. \\nTable 6-2   Sterling B2B Integrator Con nect:Direct Server Adapter node: CDBUYERSI\\nService settings\\nService Type Sterling Connect:Direct Server Adapter\\nDescription CDBUYERSI\\nSystem Name CDBUYERSIGroup Name None\\nSterling Connect:Direct Server Node Name CDBUYERSI\\nSterling Connect:Direct Perimeter Services \\nOptionnode1 & local\\nSterling Connect:Direct Server Port 1366 \\nFirewall Ports None provided \\nMax locally initiated (pnode) sessions allowed 5\\nMax remotely initiated (snode) sessions allowed 5Document Storage File System\\nNetMap Check No\\nBuffer-size for Copy 32768 Number of short-term session retry attempts 5\\nInterval between short-term session attempts \\n(seconds)5\\nNumber of long-term se ssion retry attempts 5\\nInterval between long-term session attempts \\n(minutes)1\\nRetry Remote File Allocation Errors No\\nMax Session Establishment Timeout value in \\nSeconds600\\nMax Socket Read Timeout value in Seconds 90\\nServer Start Option Warm\\nRunTask Business Proce ss Name None provided\\nRunJob Business Process Name None provided\\nMax Run Task Forwarding Timeout value in \\nSeconds300\\nMax Run Job Forwarding Timeout value in \\nSeconds30\\nEncryption using Secure+ Disabled \\nEnable Netmap Node Override Yes 190 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsThe Business Process shown in Example 6-1 is an example of implementation that uses the \\nWTX Map service for the communication.\\nExample 6-1   Business Pr ocess with WTX Map service\\nDescription: Version 1.0\\nBusiness Process Definition:\\n<process name = \"FinancialScenarioBPWTXVersion\"> \\n  <sequence name=\"Sequence Start\">    <operation name=\"Mailbox Extract Begin Service\">      <participant name=\"MailboxExtractBegin\"/>      <output message=\"MailboxExtractBeginServiceTypeInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"CommitNow\">Yes</assign>        <assign to=\"MessageId\" from=\"/ProcessData/RoutingRequest/RoutingRequest/MessageId[last()]/text() \"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WTX Map\">\\n      <participant name=\"WTXMapService\"/>      <output message=\"WTXMapServiceTypeInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"MapName\">WTXDemo</assign>        <assign to=\"in1\">//PrimaryDocument</assign>        <assign to=\"out1\">//PrimaryDocument</assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>Sterling Connect:Direct Server Netmap NETMAPBUYERSI\\nNumber of Nodes in Netmap 2Connect:Direct Server Node Name: CDBANK\\nHost: 9.42.170.223\\nPort: 1364\\nMax Pnode sessions: 5Max Snode sessions: 5\\nAlternate Comm Info:\\nSecure+ Option: disabledCipher Suites: none\\nConnect:Direct Server Node Name: CDBUYERSI\\nHost: 9.42.170.226\\nPort: 1366\\nMax Pnode sessions: 5Max Snode sessions: 5\\nAlternate Comm Info:\\nSecure+ Option: disabledCipher Suites: noneService settings Chapter 6. Financial Services scenario 191      </input>\\n    </operation>\\n    <operation name=\"CD Server Begin Session Service\">\\n      <participant name=\"CDServerBeginSession\"/>      <output message=\"CDServerBeginSessionServiceTypeInputMessage\">        <assign to=\"LocalCDNodeName\">CDBUYERSI</assign>        <assign to=\"ProcessName\">SNDTOCD</assign>        <assign to=\"RemoteCDNodeName\">CDBANK</assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"CD Server CopyTo Service\">\\n      <participant name=\"CDServerCopyTo\"/>      <output message=\"CDServerCopyToServiceTypeInputMessage\">        <assign to=\"RemoteFileName\">c:\\\\CDBANKCOMM\\\\CDBUYERIN\\\\bankCheck.xml</assign>        <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"CD Server End Session Service\">\\n      <participant name=\"CDServerEndSession\"/>      <output message=\"CDServerEndSessionServiceTypeInputMessage\">        <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <onFault>\\n      <sequence name=\"Sequence Start\">        <assign name=\"Assign\" to=\"OnFaultError\">En error occurred in the sequence</assign>        <operation name=\"CD Server End Session Service\">          <participant name=\"CDServerEndSession\"/>          <output message=\"CDServerEndSessionServiceTypeInputMessage\">            <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>            <assign to=\".\" from=\"*\"></assign>          </output>          <input message=\"inmsg\">            <assign to=\".\" from=\"*\"></assign>          </input>        </operation> 192 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions      </sequence>\\n    </onFault>  </sequence></process>\\nAs discussed in section 6.3.1, “Alternate scenarios” on page 184, it is also possible to use the \\nTranslation Service for the translation step as shown in the Business Process in Example 6-2. \\nExample 6-2   Business Process with Translation Service\\nDescription: Version 1.0Business Process Definition:\\n<process name = \"FinancialScenarioBPTranServVersion\"> \\n  <sequence name=\"Sequence Start\">    <operation name=\"Mailbox Extract Begin Service\">      <participant name=\"MailboxExtractBegin\"/>      <output message=\"MailboxExtractBeginServiceTypeInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"CommitNow\">Yes</assign>        <assign to=\"MessageId\" from=\"/ProcessData/RoutingRequest/RoutingRequest/MessageId[last()]/text() \"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"Translation Using WTX Map\">\\n      <participant name=\"Translation\"/>      <output message=\"TranslationTypeInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"map_name\">WTXDemo</assign>        <assign to=\"output_report_to_process_data\">Yes</assign>\\n        <assign to=\"output_to_process_data\">No</assign>\\n      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"CD Server Begin Session Service\">\\n      <participant name=\"CDServerBeginSession\"/>      <output message=\"CDServerBeginSessionServiceTypeInputMessage\">        <assign to=\"LocalCDNodeName\">CDBUYERSI</assign>        <assign to=\"ProcessName\">SNDTOCD</assign>        <assign to=\"RemoteCDNodeName\">CDBANK</assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"CD Server CopyTo Service\"> Chapter 6. Financial Services scenario 193      <participant name=\"CDServerCopyTo\"/>\\n      <output message=\"CDServerCopyToServiceTypeInputMessage\">        <assign to=\"RemoteFileName\">c:\\\\CDBANKCOMM\\\\CDBUYERIN\\\\bankCheck.xml</assign>        <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"CD Server End Session Service\">\\n      <participant name=\"CDServerEndSession\"/>      <output message=\"CDServerEndSessionServiceTypeInputMessage\">        <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <onFault>\\n      <sequence name=\"Sequence Start\">        <assign name=\"Assign\" to=\"OnFaultError\">En error occurred in the sequence</assign>        <operation name=\"CD Server End Session Service\">          <participant name=\"CDServerEndSession\"/>          <output message=\"CDServerEndSessionServiceTypeInputMessage\">            <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>            <assign to=\".\" from=\"*\"></assign>          </output>          <input message=\"inmsg\">            <assign to=\".\" from=\"*\"></assign>          </input>        </operation>\\n      </sequence>\\n    </onFault>  </sequence></process>\\nThe third Business Process example shown in Example 6-3 shows how a copy of the same \\nXML content for the bank can be also sent as a message to a WebSphere MQ queue manager for further processing in the Buyer enterprise service bus as described in 6.6, “Extended scenario” on page 238. 194 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsExample 6-3   Business Process with MQ communication\\nDescription: Version 1.2\\nBusiness Process Definition:\\n<process name = \"FinancialScenarioBPWTXInvokeExtension\"> \\n  <sequence name=\"Sequence Start\">    <operation name=\"Mailbox Extract Begin Service\">      <participant name=\"MailboxExtractBegin\"/>      <output message=\"MailboxExtractBeginServiceTypeInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"CommitNow\">Yes</assign>        <assign to=\"MessageId\" from=\"/ProcessData/RoutingRequest/RoutingRequest/MessageId[last()]/text() \"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WTX Map\">\\n      <participant name=\"WTXMapService\"/>      <output message=\"WTXMapServiceTypeInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"MapName\">WTXDemo</assign>        <assign to=\"in1\">//PrimaryDocument</assign>        <assign to=\"out1\">//PrimaryDocument</assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"Invoke Business Process Service\">\\n      <participant name=\"InvokeBusinessProcessService\"/>\\n      <output message=\"InvokeBusinessProcessServiceTypeInputMessage\">\\n        <assign to=\".\" from=\"*\"></assign>        <assign to=\"INVOKE_MODE\">INLINE</assign>        <assign to=\"WFD_NAME\">FinancialScenarioMQExtension</assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <sequence name=\"CDSequence\">\\n      <operation name=\"CD Server Begin Session Service\">        <participant name=\"CDServerBeginSession\"/>        <output message=\"CDServerBeginSessionServiceTypeInputMessage\">          <assign to=\"LocalCDNodeName\">CDBUYERSI</assign>          <assign to=\"ProcessName\">SNDTOCD</assign>          <assign to=\"RemoteCDNodeName\">CDBANK</assign>          <assign to=\".\" from=\"*\"></assign>        </output>        <input message=\"inmsg\"> Chapter 6. Financial Services scenario 195          <assign to=\".\" from=\"*\"></assign>\\n        </input>      </operation>\\n      <operation name=\"CD Server CopyTo Service\">\\n        <participant name=\"CDServerCopyTo\"/>        <output message=\"CDServerCopyToServiceTypeInputMessage\">          <assign to=\"RemoteFileName\">c:\\\\CDBANKCOMM\\\\CDBUYERIN\\\\bankCheck.xml</assign>          <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>          <assign to=\".\" from=\"*\"></assign>        </output>        <input message=\"inmsg\">          <assign to=\".\" from=\"*\"></assign>        </input>      </operation>\\n      <operation name=\"CD Server End Session Service\">\\n        <participant name=\"CDServerEndSession\"/>        <output message=\"CDServerEndSessionServiceTypeInputMessage\">          <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>          <assign to=\".\" from=\"*\"></assign>        </output>        <input message=\"inmsg\">          <assign to=\".\" from=\"*\"></assign>        </input>      </operation>\\n      <onFault>\\n        <sequence name=\"Sequence Start\">          <assign name=\"Assign\" to=\"OnFaultError\">En error occurred in the sequence</assign>          <operation name=\"CD Server End Session Service\">            <participant name=\"CDServerEndSession\"/>            <output message=\"CDServerEndSessionServiceTypeInputMessage\">              <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>              <assign to=\".\" from=\"*\"></assign>            </output>            <input message=\"inmsg\">              <assign to=\".\" from=\"*\"></assign>            </input>          </operation>\\n        </sequence>\\n      </onFault>    </sequence>    <onFault>      <assign to=\"Error\">Error on First Sequence</assign>    </onFault>  </sequence></process> 196 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsExample 6-4 shows the Business Process invoked by the Business Process in Example 6-3 \\non page 194 for the actual communication with the WebSphere MQ queue manager. \\nExample 6-4   Business Process invoked for the actual MQ communication\\nDescription: Version 1.0Business Process Definition:\\n<process name = \"FinancialScenarioMQExtension\"> \\n  <sequence name=\"PutFileInMQ\">    <operation name=\"WSMQ Open Session\">      <participant name=\"WSMQ_OpenSession\"/>      <output message=\"WSMQOpenSessionInputMessage\">        <assign to=\"wsmq_channel\">B2B.FINANCE.SBI</assign>        <assign to=\"wsmq_hostname\">9.42.170.226</assign>        <assign to=\"wsmq_port\">1414</assign>        <assign to=\"wsmq_qmanager\">B2B02</assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WSMQ Open Queue\">\\n      <participant name=\"WSMQ_OpenQueue\"/>      <output message=\"WSMQOpenQueueInputMessage\">        <assign to=\"wsmq_MQOO_type\">PUT</assign>        <assign to=\"wsmq_qname\">FINANCE.B2B.ESB.REQUEST</assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WSMQ Put Message\">\\n      <participant name=\"WSMQ_PutMessage\"/>      <output message=\"WSMQPutMessageInputMessage\">        <assign to=\"wsmq_MQMD_expiry\">0</assign>        <assign to=\"wsmq_MQMD_msgType\">DATAGRAM</assign>        <assign to=\"wsmq_qname\">FINANCE.B2B.ESB.REQUEST</assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WebSphereMQ Suite Commit\">\\n      <participant name=\"WSMQ_Commit\"/>      <output message=\"WSMQCommitInputMessage\">        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign> Chapter 6. Financial Services scenario 197      </input>\\n    </operation>\\n    <operation name=\"WSMQ Close Queue\">\\n      <participant name=\"WSMQ_CloseQueue\"/>      <output message=\"WSMQCloseQueueInputMessage\">        <assign to=\"wsmq_qname\">FINANCE.B2B.ESB.REQUEST</assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WSMQ Close Session\">\\n      <participant name=\"WSMQ_CloseSession\"/>      <output message=\"WSMQCloseSessionInputMessage\">        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <onFault>\\n      <sequence>        <operation name=\"WebSphereMQ Suite Close Queue\">          <participant name=\"WSMQ_CloseQueue\"/>          <output message=\"WSMQCloseQueueInputMessage\">            <assign to=\".\" from=\"*\"></assign>            <assign to=\"wsmq_qname\">FINANCE.B2B.ESB.REQUEST</assign>          </output>          <input message=\"inmsg\">            <assign to=\".\" from=\"*\"></assign>          </input>        </operation>\\n        <operation name=\"WebSphereMQ Suite Close Session\">\\n          <participant name=\"WSMQ_CloseSession\"/>          <output message=\"WSMQCloseSessionInputMessage\">            <assign to=\".\" from=\"*\"></assign>          </output>          <input message=\"inmsg\">            <assign to=\".\" from=\"*\"></assign>          </input>        </operation>\\n      </sequence>\\n    </onFault>  </sequence></process> 198 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions6.4.2  Installing and configuring the IBM Sterling File Gateway\\nThis section describes the installation and the configuration of Sterling File Gateway at the \\nBuyer company as it is required to allow th e Seller company to send the invoice to Buyer \\nusing myFileGatway. \\nSterling File Gateway 2.2.3 requires Sterling B2B Integrator 5.2.3, so the following installation \\nsteps assume that you have already installed Sterling B2B Integrator 5.2.3.\\nInstallation procedure\\nFollow these steps:\\n1. Stop Sterling B2B Integrator 5.2.3.\\n2. Close all command prompt windows.3. Install the Sterling F ile Gateway jar file:\\na. Open a command prompt window.\\nb. Run the following command:\\ninstall_dir\\\\bin\\\\InstallService.cmd install_dir\\\\packages\\\\filegateway_2020300\\nConfiguring IBM Sterling File Gateway \\nIn order to configure Sterling File Gateway to be ready to accept connections from the Seller \\nthrough myFileGateway, we need to complete the tasks described in the following sections:\\nConfiguration steps\\nFollow these steps:\\n1. From the menu Participants:\\na. Create community: FINANCIALb. Create partners:\\n\\x81 BUYER\\n\\x81 SELLER\\n2. From the menu Routes:\\na. Create Template: TemplateSellerStatic.\\nb. Create Channel: Creating a channel builds a routing between the producer and the \\nconsumer that use the template created previously.Tip: In this section we are presenting a summary of the installation steps performed to \\ninstall Sterling File Gateway version 2.2.3 for this  specific scenario. However, if you want to \\nreplicate the installation in your own environment, make sure to see the IBM Sterling File \\nGateway Installation Guide at this website, as there are important instructions to follow:\\nhttp://help.sterlingcommerce.com/SFG22/index.jsp Chapter 6. Financial Services scenario 199Figure 6-15 illustrates the parameters us ed for the community configuration.\\nFigure 6-15   Community: FINANCIAL\\n 200 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-16 and Figure 6-17 show the parameters used for the partners setup: BUYER and \\nSELLER.\\nFigure 6-16   Partner: BUYER\\nFigure 6-17   Partner: SELLER\\n Chapter 6. Financial Services scenario 201Figure 6-18 illustrates the parameters  used for creating the template.\\nFigure 6-18   Template: TemplateSellerStatic\\nFigure 6-19 shows the routing channel using the previous template.\\nFigure 6-19   Routing Channel\\n6.4.3  Installing and configuring the IBM Sterling Connect Direct\\nThis section describes th e installation and the configuration of IBM Sterling Connect:Direct at \\nthe Bank company. It is required to allow the Buyer company to send the Payment to the Bank company using IBM Sterling Connect:Direct and also to allow the Bank company to send \\npayment acknowledgement to the Seller company.\\nInstructions:  In this section we are presenting a summary of the installation steps \\nperformed to install IBM Sterling Connect:Direct version 4.6 for this specific scenario. However, if you want to replicate the installation in your own environment, see the IBM \\nSterling Connect:Direct Installation Guide , as there are important instructions to follow:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/Windows/CD\\n%20Windows46/CDWindowsGettingStarted.pdf 202 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsInstallation procedure\\nFollow these steps to insta ll IBM Sterling Connect Direct:\\n1. IBM Sterling Connect:Direct needs a database for its process queue and logs. Its \\ninstallation package has MSSQL Express available, but several other databases are supported. The database must be installed prior to IBM Sterling Connect:Direct installation. \\n2. Run the setup.exe from IBM Sterling Connect:Direct product directory: \\nC:\\\\SterlingConnect Direct V5.1.0\\\\Direct V 4.6.00 for Microsoft Windows\\\\CDWin4600\\\\Server and Requester\\\\setup.exe.\\n3. The installation asks for several parameters. Make sure to select a “Custom” installation \\nso that it will be possible to enter a Local No de Name and the IP and port-number that this \\nIBM Sterling Connect:Direct instance will us e. Otherwise, default values are used.\\nConfiguring IBM Sterling Connect:Direct \\nIn order to configure IBM Sterling Connect:Direct to be ready to accept connections from the \\nBuyer and start connections to Seller, the following steps must be completed. \\nConfiguration steps\\nFollow these steps to configure IBM Sterling Connect Direct:\\n1) Logon to the C:D Requester giving the credentials of the user-id used for installing IBM \\nSterling Connect:DIrect.\\n2) Select Netmap .\\n3) Create nodes for companies BUYER and SELLER as shown in Table 6-3.\\nTable 6-3   Nodes for companies BUYER and SELLER\\nConnect:Direct Server Node Name: CDSELLER\\nHost: 99.42.170.226Port: 1364\\nMax Pnode sessions: 5\\nMax Snode sessions: 5Alternate Comm Info:\\nSecure+ Option: disabled\\nCipher Suites: none\\nConnect:Direct Server Node Name: CDBUYERSI\\nHost: 9.42.170.226Port: 1366\\nMax Pnode sessions: 5\\nMax Snode sessions: 5Alternate Comm Info:\\nSecure+ Option: disabled\\nCipher Suites: none Chapter 6. Financial Services scenario 203Figure 6-20 shows the Sterling Connect:Direct Configuration.\\nFigure 6-20   Sterling Connect:Direct Configuration\\n4) Select Proxies .\\n5) Create proxies for the companies BUYER and SELLER as shown in Table 6-4.\\nTable 6-4   Proxies for the companies BUYER and SELLER\\nConnect:Direct Server Node Remote Userid: ANY\\nRemote Node: CDSELLERLocal Userid: cduser\\nLocal Password: *****\\nConnect:Direct Server Node Remote Userid: ANY\\nRemote Node: CDBUYERSILocal Userid: cduser\\nLocal Password: *****\\n 204 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-21 shows the user proxies. Figure 6-22 shows the window for editing user \\nproxies. Figure 6-23 shows Edit Us er Proxies - Directories window.\\nFigure 6-21   User Proxies\\nFigure 6-22   Edit User Proxies - Main\\n Chapter 6. Financial Services scenario 205Figure 6-23   Edit User Proxies - Directories\\n6.4.4  Installing and configuring the IBM Sterling Connect:Direct File Agent\\nUse the steps in this section to install and configure IBM Sterling Connect:Direct File Agent.\\nInstallation procedure\\nFollow these steps:\\n1. Run the FileAgent.exe from IBM Sterling Connect:Direct product directory:\\nC:\\\\SterlingConnect Direct V5.1.0\\\\Direct V 4.6.00 for Microsoft \\nWindows\\\\CDWin4600\\\\Server and Requester\\\\FileAgentInstall.exe.\\n2. The installation asks for the dire ctory where to install File Agent.\\nConfiguring IBM Sterling Connect:Direct File Agent\\nIn this specific scenario, IBM Sterling Connect:Direct File Agent is used to monitor the \\ndirectory where Buyer sends a copy of the XML file, which is an acknowledgement of the payment received by the Bank. File Agent then submits a process to the Bank IBM Sterling Connect:DIrect to forward the XML file to the Seller.\\nConfiguration steps\\nFollow these steps:\\n1. Open the IBM Sterling Connect:Direct File Agent graphical user interface (Figure 6-24).\\n2. Select the File agent  tab and Default_config .\\n3. Click  Edit .\\n4. Type the following information:\\na. The Userid for API. It is the IBM Sterling Connect:Direct user that the File Agent uses \\nto logon to the Bank IBM Sterling Connect:Direct. In this scenario, it should be “cduser.”\\nb. The Password for API. It is the cduser Windows password.\\n 206 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions5. API host DNS name: It is the Bank IBM Sterling Connect:Direct IP: 9.42.170.223\\n6. API port: It is the Bank IBM Sterling Connect:Direct Bank port-number: 1364\\n7. Watched directories: It is the directory where Buyer Sterling B2B Integrator Connect:Direct \\nServer adapter puts acknowledgement XML: c:\\\\CDBANKCOMM\\\\CDBUYERIN\\\\.\\nFigure 6-24   Watched directories\\n8. Create new “Submit process rules,” as shown in Figure 6-25 and Figure 6-26.\\nFigure 6-25   Submit Process Rule\\n Chapter 6. Financial Services scenario 207Figure 6-26   Match criteria\\n9. In this specific scenario, any file arriving at the watched directory whose name ends with \\n.XML must submit a process, as shown in Figure 6-27. \\nFigure 6-27   Edit match criterion\\n10.Example 6-5 shows a sample process to be submitted by File Agent:\\nThe following process refers to “On the Submit Process Rules” window after selecting the \\n“Copy_to_CDSELLER” rule to be edited. Then the Submit Process information for watched file event rule Copy_to_CDSELLER window is shown.\\nThe argument ‘Process name C:\\\\CDBANKCOMM\\\\CP2SELLR.cdp’ contains the location \\nand name of the process to be submitted and the argument ‘Process arguments &fn1=%FA_NOT_PATH.’ contains the variable to be passed to the process. In this example, the process variable &fn1 is replaced by the name of the file to be copied. The process deletes the file copied from the origin directory if the copy operation succeeds.\\n 208 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsExample 6-5   Sample process\\n/*BEGIN_REQUESTER_COMMENTS \\n    $PNODE$=\"CDBANK\" $PNODE_OS$=\"Windows\"     $SNODE$=\"CDSELLER\" $SNODE_OS$=\"Windows\"     $OPTIONS$=\"WDOS\"   END_REQUESTER_COMMENTS*/\\nCP2SELLR PROCESS \\n&fn1=default&fn2=defaultSNODE=CDSELLER\\nCPBS1 COPY \\nFROM (FILE=\"C:\\\\CDBANKCOMM\\\\CDBUYERIN\\\\&fn1\")TO ( FILE=\"C:\\\\CDSELLERCOMM\\\\CDBANKIN\\\\&fn1\" DISP=RPL)\\nIF (CPBS1 EQ 0) THEN\\nRUN TASK PNODE (PGM=Windows)\\nSYSOPTS=\"cmd(DEL) ARGS(C:\\\\CDBANKCOMM\\\\CDBUYERIN\\\\&fn1)\"\\nEIF PEND \\nFor more details on how to configure Sterling File Agent, see the IBM Sterling Connect:Direct \\nFile Agent Conf iguration Guide  at the following website:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/File%20Agent/\\nCD%20FileAgent14/CDFAConfigGuide.pdf\\n6.4.5  Installing and configuring the IBM Sterling Secure Proxy\\nThis section describes the configuration of the IBM Sterling Secure Proxy at the Buyer company. We considered it as required to allow the Seller company to send the invoice to Buyer using myFileGatway in a secure manner through the DMZ. Figure 6-28 depicts this configuration.\\nFigure 6-28   Sterling Secure Proxy at the Buyer company\\n Chapter 6. Financial Services scenario 209In the following installation steps, we assume that you have already installed Sterling Secure \\nProxy 3.4.\\nConfiguring an IBM Sterling Secure Proxy\\nIn this section we describe how to configure an IBM Sterling Secure Proxy.\\nConfiguration steps\\nIn order to configure IBM Sterling Secure Proxy to be ready to accept connections from the Seller through myFileGateway, we need to complete the following steps.\\nCreate an Engine Definition\\nThe engine lives in the DMZ and runs the proxy adapters that manage client communication requests to servers in your trusted zone. To perform this function, the engine receives configuration information from CM (Configuration Manager). Use CM to create an engine definition that contains configuration information for the engine. \\nBefore you configure the engine, gather the information in Table 6-5 that you require to \\nconfigure the engine. After you configure the engine, validate the configuration by ensuring that CM can view the engine.\\nTable 6-5   Engine configurationImportant:  Before installing the product on yo ur environment, if you need more \\ninformation, see the Sterling Secure Proxy 3.4  documentation at this website:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/SSP/SSP.html \\nPay special attention to the “Sys tem Requirements” section and the Installation Guide .\\nCM field Feature/value Value\\nEngine Name Name of the engineEngine Host IP address of the engine\\nEngine Listen Port Port number of the engine 210 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFollow these steps to define an engine. See Figure 6-29.\\nSelect Configuration  from the menu bar.\\n1. Click Actions \\uf0ae New Engine . \\n2. Specify the following values: \\n– Engine Name \\n– Engine Host– Engine Listen Port\\n3. Click Save . \\nFigure 6-29   Engine definition\\nCreate an HTTP Policy\\nThe HTTP Policy defines how you impose controls to authenticate a trading partner (in our \\ncase BUYER company) trying to access the IBM Sterling File Gateway over the public Internet. \\nFollow these steps to define an HTTP Policy. See Figure 6-30.\\n1. Click Configuration  from the menu bar.\\n2. Click Actions \\uf0ae New Policy \\uf0ae HTTP Policy . \\n3. Type a Policy Name.4. Click Save . \\n Chapter 6. Financial Services scenario 211Figure 6-30   Policy Configuration\\nCreate an HTTP Netmap\\nY ou define inbound connection information for your external trading partners and outbound \\nconnection information for the IBM Sterling File Gateway that Sterling Secure Proxy connects to. These values are stored in a netmap. The netmap is associated with a policy and an adapter. \\nBefore you begin this procedure, be sure that you have created a policy to associate with the \\nnetmap.\\nFollow these steps to create a netmap and define inbound and outbound nodes.\\n1. Click Configuration  from the menu bar.\\n2. Click Actions \\uf0ae New Netmap \\uf0ae HTTP Netmap . \\n3. Type a Netmap Name.\\n4. To define an inbound node definition, click the Inbound Nodes tab and click New. \\nSee Figure 6-31.\\n5. Specify the following values: \\n– Inbound Node Name \\n– Peer Address Pattern – Policy \\nTip: If you have not defined a policy, click the green plus sign to define one.\\n6. Click OK. \\n 212 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-31   HTTP Netmap Inbound Node\\n7. To define an outbound node definition, click the Outbound Nodes  tab and click New.  \\nSee Figure 6-32.\\n8. Specify the following values: \\n– Outbound Node Name \\n– Primary Destination Address – Primary Destination Port \\n9. Click OK.\\n10.Click Save .\\n Chapter 6. Financial Services scenario 213Figure 6-32   HTTP Netmap Outbound Node\\nDefine the HTTP adapter used for the connection\\nAn HTTP adapter definition specifies system-level communications information necessary for \\nHTTP connections to and from Sterling Secure Proxy. Y ou can create multiple adapter definitions depending on your need.\\nBefore you begin this procedure, be sure that you have created the following definitions:\\n/SM590000A netmap to associate with the adapter.\\n/SM590000An engine definition to associate with the adapter. See the following website to Install or \\nUpgrade Sterling Secure Proxy on UNIX or Linux or Install or Upgrade Sterling Secure Proxy on Windows for instructions:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/SSP/SSP.html  \\nUse the following steps to define an HTTP adapter. See Figure 6-33.\\n1. Click Configuration  from the menu bar.\\n2. Click Actions \\uf0ae New Adapter \\uf0ae HTTP Reverse Proxy . \\n3. Specify values for the following items: \\n– Adapter Name \\n–L i s t e n  P o r t  – Netmap – Standard Routing Node –E n g i n e  \\n4. Click Save .\\n 214 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-33   HTTP Adapter Configuration\\n6.4.6  Installing and configuring the IBM Sterling Control Center\\nThis section describes the installation and the configuration of IBM Sterling Control Center at \\nthe Buyer company. It is required to allow th e Buyer company to manage IBM Sterling File \\nGateway connections with Seller and also to manage IBM Sterling Connect:Direct connections with the Bank.\\nInstallation procedure\\nFollow these steps to install IBM Sterling Control Center.\\n1. IBM Sterling Control Center needs a database to hold its configuration, the alerts that it \\ngenerates, and the logs collected from managed IBM Sterling B2B Integrator and IBM Sterling Connect:Direct. Several databases are supported. The database must be installed and schemas defined prior to IBM Sterling Control Center installation. \\n2. Run the CCinstall.exe  from IBM Sterling Control Center product directory: \\nC:\\\\IBM Sterling Control Center\\\\IBM Sterling Control Center V 5.3.00 for Windows, English (CZZ2KEN)\\\\CZZ2KEN\\\\Windows.  \\nTip: In this section, we are presenting a summary of the installation steps performed to \\ninstall IBM Sterling Control Center version 5.3 for this specific scenario. However, if you \\nwant to replicate the installation in your own environment, make sure to see the IBM \\nSterling Control Center Getting Started Guide , as there are important instructions to follow:\\nhttp://www.sterlingcommerce.com/documentation/SCC53/PDF/GettingStarted.pdf Chapter 6. Financial Services scenario 215See the IBM Sterling Control Center Getting Started Guide for an explanation of the \\nrequired installation parameters:\\nhttp://www.sterlingcommerce.com/documentation/SCC53/PDF/GettingStarted.pdf\\nConfiguring IBM Sterling Control Center\\nIn this specific scenario, IBM Sterling Control Center is used to monitor the sending of the \\npayment message from Buyer to Bank and the XML acknowledgement from Bank to Seller. \\nConfiguration steps\\nFollow these steps:\\n1. Open the IBM Sterling Control Center graphical user interface. See Figure 6-34.\\n2. Select Manage \\uf0ae Add Server  to define Bank and Seller IBM Sterling Connect:Direct.\\nFigure 6-34   Sterling Control Center configuration\\n 216 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-35 shows the server properties.\\nFigure 6-35   Server Properties\\n3. Select Manage \\uf0ae Rules and Actions \\uf0ae Rules  to define the rules to monitor Bank and \\nSeller transmissions. See Figure 6-36.\\n Chapter 6. Financial Services scenario 217Figure 6-36   Rules to monitor Bank and Seller transmissions\\nFigure 6-37 shows the rule properties.\\nFigure 6-37   Rule Properties \\n 218 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions4. Select Monitor \\uf0ae Alerts  to see new alerts generated by IBM Sterling Control Center. See \\nFigure 6-38.\\nFigure 6-38   Active Alert Monitor\\n Chapter 6. Financial Services scenario 219Figure 6-39 shows the alert properties.\\nFigure 6-39   Alert Properties\\n5. Select Monitor \\uf0ae Handled Alerts to see alerts previously checked by someone.\\n6. Select Queued Process Activity  to see IBM Sterling Connect:Direct processes on the \\nqueue, These are processes running or waiting to run (Figure 6-40).\\n 220 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-40   Queued Process Activity Monitor\\n7. Select Completed Process Activity to see IBM Sterling Connect:Direct process statistics \\n(Figure 6-41). \\nFigure 6-41   Completed Process Activity\\nAlso see the IBM Sterling Control Center Configuration Management Guide at this website:\\nhttp://www.sterlingcommerce.com/documentation/SCC53/PDF/ConfigMgmt.pdf\\n Chapter 6. Financial Services scenario 221Configuring Sterling Control Cent er for Sterling B2B Integrator\\nAlthough not used in this specific scenario, it is also possible to use Sterling Control Center to \\nmonitor a Sterling B2B Integrator instance. This section presents the configuration steps that you need to make if you want to test this additional feature. \\nConfiguration steps for IBM Sterling Control Center\\nFollow these steps:\\n1. Open the IBM Sterling Control Center graphical user interface. See Figure 6-42.\\n2. Select Manage \\uf0ae Add Serve r to define Buyer IBM Sterling B2B Integrator. \\nFigure 6-42   Adding Sterling B2B In tegrator to Sterling Control Center\\n 222 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-43 shows the Connection window.\\nFigure 6-43   Connection\\nThe “Web Service Address” and “Web Service Port” parameters that you need here are \\ndefined in the section named “Configurations steps for IBM Sterling B2B Integrator” on page 228.\\n Chapter 6. Financial Services scenario 223Figure 6-44 shows the Select Protocols window.\\nFigure 6-44   Select protocols\\nTip: Y ou can find detailed information about how to configure IBM Sterling Control Center \\nat the following website:\\nhttp://www.sterlingcommerce.com/documentation/SCC53/PDF/GettingStarted.pdf\\n 224 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions3. Select Manage \\uf0ae Rules and Actions \\uf0ae Rules  to define the rules to monitor Buyer IBM \\nSterling B2B Integrator. In this example we show a rule to generate an alert whenever an IBM Sterling B2B Integrator adapter is disabled. See Figure 6-45.\\nFigure 6-45   Rule list\\n Chapter 6. Financial Services scenario 225Figure 6-46 shows the Rule Properties window.\\nFigure 6-46   Rule Properties: General\\n 226 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-47 shows the parameters of the rule properties.\\nFigure 6-47   Rule Properties: Parameters\\n4. Select Monitor \\uf0ae Active Alerts  to see the alerts that have been generated by IBM \\nSterling Control Center which have not yet being processed by any operator. \\nFigure 6-48 and Figure 6-49 show the list of Active Alerts at some moment. If you click a \\nspecific alert, another window is o pened showing its detailed information.\\n Chapter 6. Financial Services scenario 227Figure 6-48   Active Alerts Monitor\\nFigure 6-49   Alert Properties\\nTip: Detailed information about how to create IBM Sterling Control Center Rules is \\navailable on the IBM Sterling Control Center - How-To Guide  at this website:\\nhttp://www.sterlingcommerce.com/documentation/SCC53/PDF/HowTo.pdf\\n 228 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsConfigurations steps for IBM Sterling B2B Integrator\\nThe detailed description of the steps necessary to configure Web Services to allow IBM \\nSterling Control Center to manage IBM Sterling B2B Integrator can be found in this manual (see the following website): \\nIBM Sterling B2B Integrator - Monitoring with Sterling Control Center  in the paragraph, \\n“Enable Sterling Integrator for Monitoring by Sterling Control Center.”\\nhttp://help.sterlingcommerce.com/SB2BI52/topic/com.ic.customization.doc/SI_52_PDF/\\nSI52_SCC.pdf\\nAdditional information about Web Services can be found in this manual (see the following \\nwebsite): \\nIBM Sterling B2B Integrator - Web Services\\nhttp://help.sterlingcommerce.com/SB2BI52/topic/com.ic.customization.doc/SI_52_PDF/\\nSI52_WebServices.pdf\\nFigure 6-50 shows the parameters used on this specific scenario. \\nFigure 6-50   Web Service Settings\\n Chapter 6. Financial Services scenario 229This information can be obtained by navigating on the IBM Sterling B2B Integrator dashboard \\n(Figure 6-51) to Deployment \\uf0ae Web Services \\uf0ae Manage  and typing  SCCInteropService \\nin the Search box, and clicking Go. Then click the SCCInteropService  link.\\nFigure 6-51   Web Services Manager\\nWeb Service Address and Web Service Port\\nFigure 6-52 shows the IP address and port number that SCCInteropService is listening to; \\nthese parameters are necessary for configuring IBM Sterling Control Center. To obtain this information, click the View WSDL  link as shown in Figure 6-51. \\n 230 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-52   View WSDL\\n6.4.7  Installing and configuring the IB M WebSphere Transformation Extender \\nDesign Studio\\nAs stated in the introduction to this book, it is assumed that any WebSphere Transformation \\nExtender component that is needed has already been installed. For any scenario using WebSphere Transformation Extender, the Design Studio must be installed on a development platform in order to create the maps needed for translation. In this scenario, WebSphere Transformation Extender for Integration Servers has also been installed on the development platform, as well as on the server that will host the Sterling B2B Integrator. Because the \\ninbound message used for this scenario is of custom format, no industry packs are needed for this scenario. \\nSetting up the Design Studio\\nDetails for setting up the Design Studio to integrate and deploy maps to Sterling B2B Integrator are discussed in detail in Chapter 4, “Routing and transforming messages” on page 69 of this book. Here we discuss the map used to translate the inbound message to the desired format for this scenario.\\nTranslating the message with W ebSphere Transformation Extender\\nFor this scenario, a single translation maps is needed to transform the incoming custom \\npayment message into canonical form. For this scenario, no further translation is needed as the canonical form chosen is also the format  used by the partner to whom the message is \\nsent. Transforming the canonical message to a target format is discussed in “Step 6: Configure WebSphere Transformation Extender” on page 145.\\n Chapter 6. Financial Services scenario 231The inbound message is described in Example 6-6.\\nExample 6-6   Inbound message format\\nThe payments message contains information for 1 to many checks.\\nA check is represented by a fixed length row of 141 byes terminated by CR/LF . The \\ncomposition of check data is described in Table 6-6.\\nTable 6-6   Inbound payment message format\\nUsing the type designer from the WebSphere Transformation Extender Design Studio, we create a custom type tree that follows the format described above. Figure 6-53 shows the type tree definition.\\nFigure 6-53   Type tree for inbound payment messageFIELD POSITION SIZE TYPE COMMENT\\nABA Route Number 00 9 INTEGER Right Justify Zero Fill\\nFrom Account Number 09 15 INTEGER Right Justify Zero FillCheck Number 24 4 INTEGER Right Justify Zero Fill\\nPayment Amount 28 10 DECIMAL(10,2) Right Justify Zero Fill \\nDecimal separator “.”\\nCheck Date 38 8 DATE MMDDCCYY\\nTo Account Number 46 15 INTEGER Right Justify Zero FillDescription/Memo 61 80 CHARACTER Left Justify Space Fill\\n 232 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsThe target format for the map is defined using an xml schema definition. The content of the \\nschema is shown in Example 6-7.\\nExample 6-7   Payment target schema\\n<?xml version=\"1.0\" encoding=\"utf-8\"?><xs:schema xmlns:xs=\"http://www.w3.org/2001/XMLSchema\">  <xs:element name=\"ChkFile\">    <xs:complexType>      <xs:sequence>        <xs:element maxOccurs=\"unbounded\" name=\"Checks\">          <xs:complexType>            <xs:sequence>              <xs:element name=\"ABANum\" type=\"xs:integer\" />              <xs:element name=\"FromAcctNum\" type=\"xs:integer\" />              <xs:element name=\"ChkNum\" type=\"xs:integer\" />              <xs:element name=\"ChkAmt\" type=\"ChkAmt_Type\" />              <xs:element name=\"ChkDate\" type=\"xs:dateTime\" />              <xs:element name=\"ToAcctNum\" type=\"xs:integer\" />              <xs:element name=\"Description80\" type=\"Description80_Type\" />            </xs:sequence>          </xs:complexType>        </xs:element>      </xs:sequence>    </xs:complexType>  </xs:element>  <xs:simpleType name=\"ChkAmt_Type\">    <xs:restriction base=\"xs:decimal\">      <xs:totalDigits value=\"10\" />    </xs:restriction>  </xs:simpleType>  <xs:simpleType name=\"Description80_Type\">    <xs:restriction base=\"xs:string\">      <xs:maxLength value=\"80\" />    </xs:restriction>  </xs:simpleType></xs:schema>\\nUsing the map designer from the WebSphere Transformation Extender Design Studio, we \\ndefine the input card using the type tree described by Figure 6-53 on page 231.\\nThe output card using the xml schema is shown here in Example 6-7. Chapter 6. Financial Services scenario 233Figure 6-54 shows the input card definition.\\nFigure 6-54   Input card definition\\n 234 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-55 shows the output card definition.\\nFigure 6-55   Output card definition\\n Chapter 6. Financial Services scenario 235The map shown in Figure 6-56 loops through each payment record in the input and \\ntransforms it into an xml payment record.\\nFigure 6-56   Payments translation map\\nAfter the map is created and built, it is tested on, and deployed to the Sterling B2B Integrator as described in Chapter 4, “Routing and transforming messages” on page 69 of this book.\\n6.4.8  Installing and configuring the IB M WebSphere Transformation Extender \\nfor Integration Servers\\nThis topic has been covered earlier in this book. For details, see Chapter 4, “Routing and \\ntransforming messages” on page 69.\\n6.5  Testing the scenario\\nIn this section, we provide a breakdown of the actions required to test the scenario. \\nAs described in 6.3, “Presenting the Financial Services scenario” on page 181, the data flow \\nstarts with a manual intervention; indeed, the process starts when the Seller uploads an invoice file to the Buyer. The f ile is routed to the Seller mailbox in the St erling B2B Integrator \\nsystem at the Buyer, subsequently the entire process is automated in the Seller Sterling B2B Integrator and also at the Bank because the F ile Agent in the Bank Connect:Direct monitors \\nthe inbound directory and, as soon a file arrives to that directory, Sterling File Agent sends a file to the Seller as an acknowledgement of the payment received. \\n 236 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsIn order to upload the file using myFileGateway, the Seller must know the login and password, \\nas shown in Figure 6-57.\\nFigure 6-57   IBM Sterling File Gateway\\nThe next steps are completely automated: when the file comes in the mailbox /BUYER/Inbox at the Buyer, a Routing Rule set up for this purpose kicks off the appropriate Business Process for further processing.\\n Chapter 6. Financial Services scenario 237We implemented the Routing Rules shown in Figure 6-58.\\nFigure 6-58   Routing rules\\nWith these Routing Rules, you can test the corresponding Business Processes \\nindependently, as each Routing Rule monitors the /BUYER/Inbox mailbox and then starts the corresponding Business Process: \\n/SM590000The Routing Rule RRFinanc ialScenarioBPWTXVersion calls the Business Process \\nFinancialScenarioBPWTXVersion from Example 6-1 on page 190 which implements the base Financial Scenario.\\n/SM590000The Routing Rule RRFinancialScenarioBPTranS ervVersion calls the Business Process \\nFinancialScenarioBPTranServVersion from Example 6-2 on page 192 which implements the base Financial Scenario but with the Translation service in place of the WTX Map service.\\n/SM590000The Routing Rule RRFinanc ialScenarioBPWTXInvokeExtension calls the Business \\nProcess FinancialScenarioBPWTXInvokeExtens ion from Example 6-3 on page 194 which \\nimplements the Extended Scenario described in section 6.6, “Extended scenario” on page 238.\\nDepending on which scenario you want to test, you can enable the corresponding Routing \\nRule according to the above schema. \\nAny test ends when a copy of the XML file is routed by the bank Connect:Direct process by \\nFile Agent to the seller inbox di rectory C:\\\\CDSELLERCOMM\\\\CDBANKIN\\\\.\\n 238 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions6.6  Extended scenario\\nAs an extension to the scenario, we consider the buyer’s partner integration systems to \\nconnecting to his backend systems using the ow n internal integration layer, which is an \\nenterprise service bus as discussed in 6.3.1, “Alternate scenarios”. The extension is depicted in Figure 6-59. \\n6.6.1  Business value\\nThe extension provides additional business va lue by seamlessly inte grating the external \\npartner connections to backend systems in the own enterprise of the buyer, by using WebSphere MQ messaging in a chain of transaction-safe operations. The particular value of the enterprise service bus is not only in allo wing this single sample connection, but in \\nsupplying a unique, normalized mean for all the connectivity needs of the enterprise. It reduces the complexity and maintenance cost compared to using a different transport. See Figure 6-59 for a description of this scenario.\\nFigure 6-59   Extended Scenario with enterprise service bus connection\\n6.6.2  Additional prerequisites\\nThe connect to the enterprise  service bus requires additional software and skills.\\nSoftware prerequisites\\nIn addition to the software mentioned in 6.2.1, “Software prerequisites”, you need WebSphere \\nMQ and Message Broker software. \\nSkills prerequisites\\nIn addition to the skills me ntioned in 6.2.2, “Skills pr erequisites”, you need some \\nadministration and development skill regard ing WebSphere MQ and WebSphere Message \\nBroker. General knowledge of messaging in the staff that deals with Sterling B2B Integrator is advantageous. \\n Chapter 6. Financial Services scenario 2396.6.3  Overview of the extension scenario\\nThe overview picture of Figure 6-59 on page 238 shows the scenario connected by IBM \\nWebSphere MQ through the enterprise service bus to the legacy backend resources, right end. The regular message flow is from left to right:\\n1. Sterling B2B Integrator opens a connection to WebSphere MQ queue manager and puts \\n(writes) a message to the IN queue.\\n2. The WebSphere MQ queue manager on B2B02 transfers the message to the queue \\nmanager on host ESB01. \\n3. The IBM Message Broker flow deployed for this scenario gets (reads) the message from \\nthe local IN queue. A WebSphere Translation Extender map designed for that purpose transforms the message to the backend format. Depending on the account number the responsible branch is chosen: content based routing and routing. \\nIn detail, the setup uses two WebSphere MQ queue managers, five application queues and \\nthree channel definitions, as shown in Figure 6-60. These are the WebSphere MQ objects which are directly relevant for the applications and their configuration. \\nFigure 6-60   Applications, queue managers and queues\\nThere are some other configuration steps related to the basic set-up of the messaging and enterprise service bus infrastructure, which belong to the realm of the messaging network administration:\\n/SM590000Create queue managers.\\n/SM590000Create a server connection channel.\\n/SM590000Create a WebSphere MQ queue manager cluster.\\n/SM590000Connect the queue managers in the cluster so that they can write to queues defined on \\nother queue managers without additional administration tasks.\\n/SM590000Create and setup brokers.\\nThe messaging network must be operated as an application neutral infrastructure: for \\nexample, a TCP network. It means that the objects created to set up basic infrastructure can also be used by other applications, if there are no technical reasons against it. <<node>> b2b02 <<node>> esb01 <<node>> branch1\\n<<node>> branch2\\n<<qmgr>> B2B02<<qmgr>> ESB01A\\nAlias \\nQueue\\nIN\\nLocal \\nQueue\\nBACKOUT\\n<<app>> sb2biPUT\\nC\\nClustered \\nQueue\\nIN<<ref>><<Ref as backout queue>>\\n<<broker>> esb01Local Queue\\nBRANCH1.IN\\nGET<<app>> legacyA\\n<<app>> legacyBGET\\nLocal Queue\\nBRANCH2.IN\\nGET\\n<<mflow>> MF.name<<mflow>> MF.name\\n<<mflow>> MF.namePUT\\nPUT\\nGETFINANCE.B2B02.SBI\\nFINANCE.BRANCH2.ESB01 240 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions6.6.4  Alternate configurations \\nIn this section, we discuss some different choices and configurations, in particular, in the \\nWebSphere MQ topology:\\n/SM590000Use of WebSphere MQ distributed queueing instead of clustering\\n/SM590000Remote WebSphere MQ queue manager\\n/SM590000Remote WebSphere Transformation Extenders\\n/SM590000Choosing different ESB technology\\n6.6.5  Configuring the extended scenario\\nTo set up the extension scenario, we need to configure Sterling B2B Integrator to send \\nmessages to WebSphere MQ, and the WebSphere MQ queue managers, the broker and the WebSphere TX extension to deal with these messages.\\nConfiguring Sterling B2B Integrator\\nMost of the connection from Sterling B2B Integrator to the WebSphere MQ queue manager is configured in Sterling B2B integrator. See the description in “Configuring IBM Sterling B2B Integrator” on page 187. Figure 6-61 shows the business process used to write a message to the WebSphere MQ queue manager.\\nFigure 6-61   Sterling B2B Integrator business process accessing WebSphere MQ\\nConfiguring WebSphere MQ\\nWe assume that WebSphere MQ is already installed on your system. We give a short introduction to the use of WebSphere MQ and comment on some configuration parameters in the following sections. Because WebSphere MQ is a very large system, we recommend that new users study the IBM manuals and Redbooks publications to gain more insight.\\nTo administrate a local WebSphere MQ installation on Windows or Linux, you can use the \\nWebSphere MQ Explorer, call it from the Windows start menu or the command strmqcfg .\\nCreating queue managers \\nTo create a local queue manager, you can use a wizard in the WebSphere MQ Explorer. For a \\nvery basic configuration, not more than the name of the queue manager is needed. Nevertheless, we discuss some hints about configuration collected in the two wizard pages shown in Figure 6-62 and following. \\nChoose a convenient, comprehensive and short queue manager name. We recommend to \\nuse a name with a maximum of 8 characters and to use upper case only. Upper case is in general a good choice for MQ object names. Y ou can use the hostname if you want to see WebSphere MQ as network infrastructure, or a functional name, that allows moving queue managers.\\n Chapter 6. Financial Services scenario 241Y ou can make your new queue manager the default queue manager on the system, which for \\nconvenience can be called without naming it explicitly, though we do not recommend, because the shortcut can be misleading. \\nA default transmission queue is not required for the topologies used in this book. Default \\ntransmission queues are a mean to implement default routes from peripheral queue managers to a central queue manager in hub and spoke topologies. \\nWe propose to set up the queue manager with a dead letter queue where messages go that \\ncannot be delivered. We use the predefined  queue SYSTEM.DEAD.LETTER.QUEUE as \\ndead letter queue for the queue manager. If you choose a different name, be sure to define the queue. If you do not declare and define a dead letter queue, the queue manager closes any connection that tries to send an undeliverable message. This can be good in certain particular scenarios, in most of the cases it would just stop the operation without good reason. In most cases the SYSTEM .DEAD.LETTER.QUEUE can be used. \\nThe numerical values for the maximum handle limit, the maximal count of uncommitted \\nmessages and the trigger interval should be unchanged unless your application requires. Y ou can change these values when needed. See Figure 6-62.\\nFigure 6-62   Queue manager creation by wizard, first page\\n 242 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsThe second page of the wizard, shown in Figure 6-63, requests important settings for \\ntransaction logging and storage. \\nTransaction logging does not mean error reporting, as in a logfile. In this context, something \\nvery alike the redo logs of a database is meant. Productive queue managers should be operated in linear logging mode to allow media recovery. In this case, the transaction logs are kept to help as message backup in case of queue corruption, which can for instance be caused by a failing disk. Development and test queue managers should use circular logging, \\nwhich requires less administration tasks then linear logging. \\nIf you use internal disks, for performance reasons the data and log paths should be located \\non different physical disks. The physical media location is not that relevant if you use SAN storage which is written through a battery buffered cache, though data and log should also then use different sets of physical disk s, in this case for safety reasons.\\nThe capacity of the log you need to provide depends on the volume of data you want to queue \\nand move through the queue manager. \\nThe volume of data relevant for this calculation are the messages in open transactions at one \\ntime. While exact calculations can become quite difficult, a rule of thumb is to take the payload and add 300 byte for message header and another 300 byte logspace for any get or put operation. \\nThe log capacity is (calculated primary logs + secondary logs) * (logfilepages * 4 KB). \\nPrimary log space is created at queue manager start, secondary space when needed. \\nChanges of the numbers become effective after queue manager restart, you can adapt this value easily to growing needs. An attribute you ha ve to consider carefully is the “logfile size” \\n(queue manager attribute LogFilePages), because you cannot change it during the queue manager lifecycle. If you choose a value that proves to be too small, you could only increase it by recycling the whole queue manager: a change that  is critical for production environments. \\nOn the third and forth wizard page, you can keep the defaults, unless you have to change the \\ndefault port 1414 because there is already another queue manager on your system. In this case you can just use 1415 or any other free port.  Chapter 6. Financial Services scenario 243Figure 6-63   Queue manager creation wizard, second page \\nAfter you have created the queue manager, install the WebSphere MQ SupportPac MS03 to \\nsave the queue managers definitions frequently. SupportPacs are extensions, that are available from the IBM website free of charge. Many of them are supported like the product. \\nThe save queue manager SupportPac is essential to keep track of changes in the queue \\nmanager. It saves queue and other definitions, but not the messages in the queues. \\nConnecting applications to the queue manager\\nAfter you have created your queue mangers, you provide connectivity to the applications entitled to use it. We demonstrate connecting applications to the queue manager through TCP/IP . Y ou create a WebSphere MQ \\nserver connection channel  object to allow it, as shown \\nin Figure 6-64. Tip: Download the free WebSphere MQ SupportPac MS03 to save queue manager \\ndefinitions from the following website and run it frequently:\\nhttp://www-01.ibm.com/support/docview.wss?uid=swg24000673\\n 244 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-64   Creating a server connec tion channel from WebSphere MQ Explorer\\nLike all WebSphere MQ channel definitions, th e server connection c hannel is basically a \\nname to define a certain access to the queue manager. The connecting party, like the application, connects to the listener port of the queue manager and passes the name of the channel it wants to connect to. Both, application and queue manager have to use matching channel names. Y ou can see the same pattern again in cluster channels and distributed queueing channels, described in section. \\nBecause a B2B gateway is a security sensitive place, in particular, we need to think about \\nsecuring the channel against unauthorized use. We make these distinctions: \\n/SM590000Authentication: Identifying who is trying to access the queue manager:\\n– By IP \\n– By SSL – By username/password combination– By a token from a security service\\n/SM590000Authorization: Determining what the identified party can do:\\n– To connect, and access message in specified queues:\\n\\x81T o  \\nbrowse  (read) or get (read consuming) the message\\n\\x81T o  put (write) a new message\\n– Or even to change the configuration and access rights\\nBy default, WebSphere MQ believes in the user names that remote systems present when \\nconnecting. Therefore, it is crucial for the security of a WebSphere MQ queue manager network to limit access to the MQ System objects. Otherwise unauthorized parties could pretend to be MQ administrat or. The means to secure a new channel is to fill the \\nmcauser  \\nattribute of the channel; the queue manager r eplaces the user names of incoming messages \\npresented by the sending system with the mcauser  value. The parameters inserted in the \\nserver connection channel wizard are listed in Figure 6-65.\\nFigure 6-65   Parameters for the creation of a server connection channelNAME: B2B.FINANCE.SBIcomment (“DESCR”): Chl for B2B Integrator for Financetransmission Protocol (“TRPTYPE”): TCPcopy from existing channel (“LIKE”): SYSTEM.DEF.SVRCONNtechnical user (“MCAUSER”): sbiuser\\n Chapter 6. Financial Services scenario 245Before you can use the channel, you have to add the declared mcauser  as a system user \\n(windows) or group name (unix) and authorize it in WebSphere MQ’s object authorization manager. It is depicted for a Windows operating system in Figure 6-66. Y ou can access the object authorization manager from the WebSphere MQ Explorer, as shown in Figure 6-67, or create the access rights  with the utility command setmqaut  from the command line. We first \\ngrant the user a basic read-only access, and add the “put” and “get” authorities needed to write to and read from specific queues later. \\nFigure 6-66   The technical mcauser mu st be created on operating system level\\nFigure 6-67   Grant basic read only access to a technical user \\n 246 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsAs an alternative, a fast and convenient way to attach only local applications to a queue \\nmanager hosted on the same node is the binding mode. The dialog is shown in Figure 6-68.\\nFigure 6-68   Grant put and inquire access\\n Chapter 6. Financial Services scenario 247Connecting queue managers in a cluster\\nAfter creating queue managers, you want to connect the queue managers so that they can \\nexchange messages. We demonstrate in the following connecting queue managers through a WebSphere MQ queue manager cluster, which organizes the distribution of messages in the cluster with low administration overhead, and is capable of load balancing. \\nWithin a WebSphere MQ queue manager cluster,  applications can write to queues that are \\nhosted on remote queue managers, not only to the queue manager they are directly connecting. \\nTo define a queue manager cluster, as Cluster ITSO shown in Figure 6-69, we define two \\nqueue managers as the full repositories of th e cluster. For all cluster members two cluster \\nchannels are defined, a cluster receiver channel to itself (like TO.B2B02) and a cluster sender channel object to one of the repositories (like TO.ESB01). A cluster repository queue manager itself will have a sender  channel to the othe r repository. The clus ter receiver channel \\ndefinitions serve as templates used by all queue managers in the cluster to auto-define sender channels to that queue manager. \\nQueue manager clustering is a powerful and versatile technology. Y ou can define multiple \\nclusters for differentiated types of use, for example, with different service levels:\\n/SM590000Unencrypted or encrypted channels\\n/SM590000Fastpath or slow transport of large messages during low traffic times\\nY ou could (and in large organizations, should)  use clusters overlapping in a gateway to \\nseparate zones. \\nThe WebSphere MQ queue manager cluster is completely different than physical clustering \\non the hardware level, which is often used to secure a single queue manager with services like IBM AIX PowerHA (former HACMP) or comparable products of other sources. Queue manager cluster and physical cluster are complimentary concepts that fit together well; queue manager clusters scale the performance up, while physical cluster tales care of fail over safety, the second now often replaced by multi instance queue manager. \\nThere is an alternative configuration called MQ distributed queuing. While clustering is a \\nfeature-rich, easy to use, and mature technology, distributed queueing is the basic way of \\nconnecting queue managers, as shown in Figure 6-69. We discuss the principles of \\ndistributed queuing in “Use of distributed queueing connections” on page 250. 248 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-69   Queue manager cluste r configuration for cluster ITSO\\nConfigure queues \\nWebSphere MQ organizes the actual store and forward of messages in queues. Some of the \\ncategories of queues are explained here: \\n/SM590000A local queue is the basic type of queue. It is the only one that stores messages \\nphysically, and the only type an application can read from.\\n/SM590000An alias queue is a facade to a queue. Alias queues can carry specific access rights to \\ndiscriminate read and right access, and can help to implement different naming concepts both suitable for network administration and application operation at the same time. \\n/SM590000A \\ncluster queue is a queue that is writable from all queue managers of a cluster. If there \\nare two ore more instances of a cluster queue (queues with same name) available in the same cluster, the senders distribute messages among them for load balancing. \\n/SM590000There is also the \\nremote queue , which is a specific form of alias queue that points to a \\nforeign queue manager. It is writable only. It is a concept of distributed queueing, the other form of cooperation between queue managers when you don’t use clustering. It is accompanied by a \\ntransmission queue,  local queues that serve as temporary store for \\nmessages before they are shipped to the target queue manager. <<node>> b2b02<<node>> esb01\\n<<qmgr>> B2B02<<qmgr>> ESB01\\n<<broker>> esb01\\n<<node>> esb02\\n<<qmgr>> ESB02\\n<<broker>> esb02<<clus>> ITSO\\nFull \\nRepository \\nITSOFull \\nRepository \\nITSO\\nTO.ESB02TO.B2B02\\nTO.ESB02TO.ESB01\\nTO.ESB02\\nTO.ESB01\\nLocal Queue\\nDEAD.LETTER Chapter 6. Financial Services scenario 249As shown in Figure 6-70, we create an alias queue on queue manager B2B02 as direct target \\nfor Sterling B2B Integrator. This alias points to a cluster queue that is located on queue manager ESB01. The cluster mechanism forwards the messages from queue manager B2B02 to the local queue on queue manager ESB01, where the middleware processing happens in a WebSphere Message Broker flow. We discuss that very soon in detail. At the moment we want to point out the possibility of  load balancing at that place. \\nIf the load increases and requires more processing power than the physical node ESB01 can \\nsupply, you can scale up and load balance to other esb-nodes by just creating another local queue of the same name on queue manager ESB02 and deploying the same message flows there, too. \\nThe second queue, the B2B gateway queue manager, is a local queue that serves an error \\nand backout queue for the scenario. If the middleware cannot process messages, for instance, because they are malformed, it bounc es such indigestible (“poisoned”) messages \\nback to the origin, because we do not want the esb queue managers to be clogged, and because the root cause of the error is easier to determine closer to the origin of the erroneous \\nmessage. \\nLast, we define two local queues for the output to the legacy systems. We do not spell this \\nout, but the messages could also be forwarded to other nodes. Everything is possible from client connection (as we demonstrate), cluster queue and distributed queueing. \\nFigure 6-70   Queue topology with full queue names \\nThroughout the whole train, we need to consider the message size and the maximal queue depth, that is the number of messages stored in the queue manager: \\n/SM590000Maximal message size is an attribute of queue manager, queues, and channels. We need \\nto adjust the values in all of them if we want to work with larger messages. It is also good practice to separate the paths of fast and heavy messages.\\n/SM590000The maximal queue depth (MAXDEPTH) is the number of messages a queue can store. It \\ndetermines how long the queue manager can buffer for a dysfunctional subsequent system, for instance in planned or unplanned maintenance breaks. \\nOur declared objective is to be work without interruption, or at least without letting our B2B \\npartners know when the processing is interrupted. So we want to supply so much room in the queue that messages can queue as long as wanted and needed to bridge the maintenance window. <<node>> b2b02 <<node>> esb01\\n<<qmgr>> B2B02 <<qmgr>> ESB01A\\nAlias Queue\\nFINANCE.B2B.ESB.REQUEST.IN\\nLocal Queue\\nFINANCE.B2B.ESB.REQUEST.BACKOUTC\\nClustered Queue\\nFINANCE.ESB.REQUEST.IN<<ref>>\\nLocal Queue\\nFINANCE.ESB.REQUEST.BRANCH1\\nLocal Queue\\nFINANCE.ESB.REQUEST.BRANCH2\\n<<ref>> 250 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsUse of distribu ted queueing connections\\nDistributed queueing is the basic approach to connect WebSphere MQ queue managers. It \\ntakes some more manual configuration steps than clustering, and offers less functionality, in particular no load balancing. After being configured, the distributing queueing setup is easy to maintain and simple to understand. Most important, because of simplicity, distributed queueing is very suited for the use in external partner communication and in perimeter zones. \\nWe do not spell out the whole scenario above as an alternative to clustering, but explain the \\nuse of distributed queueing with a realistic sample that shows how our security gateway queue manager B2B01 can be connected to the queue manager B2B02.\\nTo allow messages to be put on a queue on a remote queue manager, we need to create at \\nleast on the near (sender) queue manager, B2B01: \\n1. A \\nremote queue  definition: FINANCE.B2B01.B2B02.IN\\n2. A transmission queue  definition: B2B02\\n3. A sender channel definition: B2B01.B2B02\\nAnd on the remote (receiver) queue manager, B2B02:\\n4. A matching receiver channel definition: B2B01.B2B02\\n5. The queue which is target of the transfer. This queue can be local, alias, remote, or cluster \\nqueue. \\nFor use in a security sensitive zone, you can use a server and requester channel pair instead \\nof sender and receiver. The message flow with server and requester is like in sender and receiver from letter “s” to letter “r”, but the connection is not initiated by the sending party, but by the (receiving) requester. It is most suitable in situations where a queue manager in the DMZ needs to transfer messages to a queue manager in the trusted zone. \\nIt defines a one way route from sender B2B02 to receiver qu eue manager ESB01. If you also \\nwant to send messages the way back, you need to create corresponding definitions. \\nThe connection between queue managers is done by sender and receiver channels. Like all \\nWebSphere MQ channels, the definitions must match by name. We propose to define the \\nchannel names like this:\\n<SENDER_QM>.<RECEIVER_QM>[.<XX>] \\nChannel names are limited to 20 characters. Remember that we recommended to keep \\nqueue manager names shorter than nine characters, although MQ allows queue manager names to be longer. It was because of this channel  naming pattern, which is a kind of de facto \\nstandard in the WebSphere MQ world. The two characters qualifier space can be used to give a counter or qualifiers signaling things like encryption or compression.\\nConfiguring WebSphere Message Broker\\nWebSphere Message Broker is a routing and transformation application working on top of WebSphere MQ. While WebSphere MQ is the messaging backbone of an enterprise service bus, WebSphere Messages Broker provides co nnectivity to other protocols and standards \\nand a number of custom translation capabilities. \\nIn our sample scenario, WebSphere Message Broker has the task to mediate between the \\nB2B gateway and two different legacy backend applications. The backends use different data formats and have slightly different responsibilities. The ESB, say WebSphere Message Broker is responsible to deal with the particularities of these backends because we decided for architectural reasons that the B2B gateway must not deal with details of backend implementations: one of the simple truths of service oriented architecture.  Chapter 6. Financial Services scenario 251Figure 6-71 shows the Message Broker Toolkit.\\nFigure 6-71   Message Broker Toolkit overview\\nY ou can think of the WebSphere Message Broker as a platform or application server. The \\napplications are developed and packaged in a specific eclipse based build time environment called Message Broker Toolkit. Deployment is al so done from this tool or from the Message \\nBroker Explorer, a plug-in into the WebSphere MQ Explorer suitable for Broker administrators. The applications are deployed to the broker runtime component. Y ou can separate the runtime, and also scale up to the limit of the physical OS, by using several execution groups for different applications. \\n 252 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsMessage broker flow development\\nA message broker flow basically needs input and output nodes at least. In our scenario case, \\nboth source and target are WebSphere MQ queues. As shown in Figure 6-72, the flow consists of six nodes.\\nFigure 6-72   The message flow\\nThese six nodes are as follows:\\n1. The input node specifies the queue where messages come from and the parser used to \\ninterpret the message. This could be a XML parser or a parser for custom wire formats. In our scenario we do not parse the message on input but read it as a binary large object- a BLOB, because we just pass the message as a whole to the following WTX node.\\n2. The WTX node has the purpose to split a compound message containing an unknown \\nnumber of single check - notifications into single messages. These messages are XML messages as well. We explain the details of the WTX map in “WebSphere Transformation Extender configuration” on page 254. At this place, in the WebSphere TX node, we only have to reference the place where Message Broker can find the TX map on the server.\\n3. The parse node parses the output messages that the WTX node produced to make it \\nhandy for the further processing in the broker flow. In rare cases it can be clever to work directly on a BLOB, or parse only partial when needed. In most cases it is good to parse to the XML tree in advance, like we do here. \\n4. The route node makes a content based choice: Checks with an account number smaller \\nthan 2222222 go to the first Branch 1, the others to the second branch.\\n5. MQ output nodes that point to the branches’ queues.6. MQ output nodes that point to the branches’ queues.\\n Chapter 6. Financial Services scenario 253Message broker flow deployment\\nAfter developing the message flow in the Message Broker Toolkit, the flow needs to be \\ndeployed to the broker runtime environment on the server, as shown in Figure 6-73. Message flows are deployed to execution groups, which are the WebSphere Message Broker artefact for a completely distinct execution environment running its own jvm instance and native operation system processes.\\nFigure 6-73   Deploy a barfile to the broker runtime\\nIn our example, we run only a single execution group called “default” on the server. In real world operations, you might have some distinct execution groups for different projects of your enterprise, or representing for different clients (to design for isolation) or deploy message flows to some execution groups in parallel (to design for high loads).\\n 254 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsWebSphere Transformation Extender configuration \\nFor the extended financial services scenario, WebSphere Transformation Extender is used to \\nsplit the xml payments message into individual payments and then passed back to WebSphere Message Broker to continue processing. Because both input and output are defined by the xml schema definition described earlier in the chapter, no other type tree is needed. \\nThe same XSD is used to define both the input card, as shown in Figure 6-74, and the output \\ncard, as shown in Figure 6-75. \\nFigure 6-74   Input card for payments split map\\nY ou might notice that we set the document verification attribute to Well Formed (Xerces Only) in the input card because the xml is generated internally, and we know that it adheres to the xsd. Because WebSphere Transformation Extender does not perform verification on output, it is not necessary to set this attribute on the output card. \\n Chapter 6. Financial Services scenario 255Figure 6-75   Output card for payments split map\\nOne thing that you might notice about the output card is that we do not choose the entire \\ndocument as our output type. Because we are only interested in individual payment records, the type definition for the output card is the element (sequence) that contains the repeating group of payments (Checks).\\n 256 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-76 and Figure 6-77 show the two-step process for splitting the payment message \\ninto individual payments.\\nFigure 6-76   Executable map passing individual payment to the functional map\\nFigure 6-76 shows the executable map calling the functional map named PutCheckToWire, passing the xml element Checks. Checks contains the payment information to be used by the target application or service. Y ou might notice that we also pass a second parameter to the functional map using the syntax INDEX($). It is done solely to expedite testing the map. By passing in the current index of the payment, we can output each payment individually to a separate file and review the results to make sure that the correct data is passed to the output terminal from the functional map after we deploy to the target platform.\\n Chapter 6. Financial Services scenario 257Figure 6-77 shows the functional map used to output each Checks record to the named \\noutput terminal using the WIRE adapter with the PUT rule. In the second line of the rule, you see a comment containing the rule you would use to test using the FILE adapter as described in the earlier narrative discussing the executable map.\\nFigure 6-77   Using the PUT rule to pass each in dividual payment to the broker output terminal\\nWhen the map in Figure 6-77, executes it receives the xml message shown in Example 6-8.\\nExample 6-8   inbound xml payment message.\\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\\n<ChkFile><Checks><ABANum>183260101</ABANum><FromAcctNum>222225622010087</FromAcctNum><ChkNum>1</ChkNum><ChkAmt>800</ChkAmt><ChkDate>2011-05-05T00:00:00</ChkDate><ToAcctNum>660007045551212</ToAcctNum><Description80>Acct# 660007045551212 House Pmt</Description80></Checks><Checks><ABANum>111111111</ABANum><FromAcctNum>222222222222222</FromAcctNum><ChkNum>3333</ChkNum><ChkAmt>444.44</ChkAmt><ChkDate>2011-05-15T00:00:00</ChkDate><ToAcctNum>660678912345678</ToAcctNum><Description80>Description of 2nd check in list</Description80>\\n 258 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions</Checks>\\n<Checks><ABANum>123456789</ABANum><FromAcctNum>333333333333</FromAcctNum><ChkNum>4011</ChkNum><ChkAmt>1000</ChkAmt><ChkDate>2011-05-25T00:00:00</ChkDate><ToAcctNum>660123456789012</ToAcctNum><Description80>Description of 3rd check in list</Description80></Checks></ChkFile>\\nIt then splits the content of the message into individual messages, one for each payment, or \\nChecks record. Example 6-9 shows the result of executing the map based on the input shown in Example 6-8.\\nExample 6-9   Split messages after map is executed.\\nMessage 1...........<Checks><ABANum>183260101</ABANum><FromAcctNum>222225622010087</FromAcctNum><ChkNum>1</ChkNum><ChkAmt>800</ChkAmt><ChkDate>2011-05-05T00:00:00</ChkDate><ToAcctNum>660007045551212</ToAcctNum><Description80>Acct# 660007045551212 House Pmt</Description80></Checks>...........Message 2...........<Checks><ABANum>111111111</ABANum><FromAcctNum>222222222222222</FromAcctNum>\\n<ChkNum>3333</ChkNum>\\n<ChkAmt>444.44</ChkAmt><ChkDate>2011-05-15T00:00:00</ChkDate><ToAcctNum>660678912345678</ToAcctNum><Description80>Description of 2nd check in list</Description80></Checks>...........Message 3...........<Checks><ABANum>123456789</ABANum><FromAcctNum>333333333333</FromAcctNum><ChkNum>4011</ChkNum><ChkAmt>1000</ChkAmt><ChkDate>2011-05-25T00:00:00</ChkDate><ToAcctNum>660123456789012</ToAcctNum><Description80>Description of 3rd check in list</Description80></Checks>........... Chapter 6. Financial Services scenario 259As each individual record is split out, it is passed to the output terminal of the broker map \\nnode that is named, by literal, in the map rule. The broker continues processing each message as it is output to the terminal, while the map continues to split out additional messages. This scenario shows each message passed to the same named output terminal as it is split. However, it is also possible to  dynamically name the output terminal, if that \\nfunctionality is required. The only requirement is that the output terminal named in the map rule, be defined for the map node. After the last message written to the output terminal, the map completes and broker continues processing.\\n6.7  Conclusion\\nIn spite of its simplicity, th e scenario described in this ch apter illustrates two interesting \\nintegration aspects between IBM Sterling and IBM WebSphere portfolios.\\nThe first aspect is the integration between WebSphere Transformation Extender Maps in \\nSterling B2B Integrator which is achievable in two ways, using the WTX Map service in a Business Process or using a WebSphere Translation Extender map in the proprietary Translation service. \\nThe second integration aspect concerns the communication between Sterling B2B Integrator \\nand a WebSphere Message Broker infrastructure through MQ, which is the recommended approach to implement such a communication. \\nIn general, it is achievable because Sterling B2B Integrator includes the WebSphereMQ \\nSuite, a group of services and a communication s adapter that provide maximum flexibility and \\nfunctionality by enabling you to script a complete MQ session using a business process. \\nThe suite also includes an adapter that you can use for asynchronous receiving - the \\nWebSphereMQ Async Receiver adapter.\\nSterling B2B Integrator still in cludes the original WebSpher eMQ adapter, which might serve \\nyour needs better if your MQ communications are fairly basic. \\nAs stated above, MQ communication is the recommended practice to integrate Sterling \\nBusiness Integration Suite with WebSphere Message Broker infrastructure. However, because the latest fix pack of WebSphere Mess age Broker v.7.0, it is also possible to \\nestablish a bridge with a dedicated Connect:Direct server that needs to be installed by the WebSphere Message Broker, in the same server. Y ou then establish a connection with a Connect:Direct Server Adapter instance of Sterling B2B Integrator. \\nLastly, because both Sterling B2B Integrator and WebSphere Message Broker support the \\nmost common communication protocols, like H TTP , HTTPS, or FTP , and now Connect:Direct, \\nit is even possible to establish a connection using one of those protocols. However, this would not be a recommended practice because it won\\'t make use of MQ whereas MQ is the preferred communication mean.  260 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions © Copyright IBM Corp. 2012. All rights reserved. 261Chapter 7. Supply Chain scenario using \\nAS2 and EDI\\nThis chapter provides an example scenario describing how to use the WebSphere DataPower \\nB2B Appliance XB62 in conjunction with Sterling Integrator, WebSphere MQ, and WebSphere Transformation Extender to consume and proc ess an AS2 packaged message that contains \\nan EDI purchase order.\\nThis chapter includes the following sections:\\n/SM5900007.1, “Business value” on page 262\\n/SM5900007.2, “Prerequisites: Technical and infrastructure” on page 262\\n/SM5900007.3, “Presenting the scenario” on page 263\\n/SM5900007.4, “Configuring the scenario” on page 265\\n/SM5900007.5, “Testing the scenario” on page 307\\n/SM5900007.6, “Conclusion” on page 3127 262 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions7.1  Business value\\nThe EDIINT B2B pattern is commonly used in supply chain scenarios where companies want \\nto securely exchange EDI data over the Inte rnet. The Applicability Statements (AS1, AS2, \\nAS3) provide a mechanism to securely transport data over a public network. They provide encryption, signatures, and identity of the sender and receiver as well as providing for non-repudiation of origin and receipt. Although EDIINT stands for EDI over the Internet, over the years it has evolved to be payload agnostic and is commonly used to envelope any payload data format. This pattern as depicted in this example demonstr ates the ability of the \\nB2B appliance to provide edge security in and to consume an AS2 message from a trading partner that contains an EDI payload. It furthe r demonstrates the IBM ca pability to integrate to \\nSterling Integrator and WTX for downstream document processing. \\nThe business value of using WebSphere DataPower in conjunction with both Sterling \\nIntegrator and WebSphere Transformation Extender to deliver this pattern is significant. Each product compliments the others, providing combined functionality encompassing a much broader range of B2B flow scenarios than could have been accomplished when used individually. \\nNext we provide is a brief description of the key value of each product:\\n/SM590000The IBM WebSphere® DataPower® B2B Appliance redefines the boundaries of \\nmiddleware by extending the IBM SOA Foundation with a specialized, consumable, dedicated SOA appliance that combines business-to-business (B2B) standards, simplified integration, superior performance, and hardened security for SOA implementations. It is meticulously designed to augment all phases of the SOA life cycle and implementation. \\n/SM590000Sterling Integrator is a transaction engine and toolkit that allow the user to define, create, \\nimplement, and manage process flows. These flows, in turn, allow for the processing, routing, translation, and storage of high volumes of inbound and outbound messages or files. They can also interact and integrate with both internal systems and external business partners.\\n/SM590000WebSphere Transformation Extender WTX is the IBM universal transformer, designed to \\nbe the Enterprise Data Transformation standard. Its consistent data transformation and enrichment capabilities redu ce application development and maintenance costs, \\nstandardize components, provide reuse of both as sets and skill sets across the enterprise, \\nand decrease the time to market of new applications.\\n7.2  Prerequisites: Technical and infrastructure\\nThere are some prerequisites necessary in order to fully understand the scenario and to set it up successfully in your own infrastructure.\\n7.2.1  Software prerequisites\\nIn order to be able to run this scenario, you must have installed the following components:\\n/SM590000WebSphere DataPower B2B Appliances XB62 (Appliance)\\n/SM590000ibm sterling B2B integrator \\n/SM590000WebSphere Transformation Extender for Integration Servers\\n/SM590000WebSphere Transformation Extender Design Studio\\n/SM590000WebSphere Transformation Extender Industry Pack for EDI-X12\\n/SM590000WebSphere MQ Chapter 7. Supply Chain scenario using AS2 and EDI 2637.2.2  Skills prerequisites\\nIn order to fully implement and understand  this scenario, you need to be familiar with:\\n/SM590000B2B Messaging (AS2) and EDI-X12 (basic knowledge)\\n/SM590000WebSphere DataPower B2B Appliances XB62 basic concepts ( IBM WebSphere \\nDataPower B2B Appliance XB60 Revealed , SG24-7745)\\n/SM590000IBM Sterling B2B Integrator basic concepts\\n/SM590000WebSphere MQ basic concepts\\n/SM590000WebSphere Transformation Extender basic mapping techniques\\n7.3  Presenting the scenario\\nThis section provides an overview of the data flow for this scenario. For this particular \\nscenario, we are implementing a two-way flow where we receive an AS2 message that corresponds with an incoming purchase order (X12-850 format). We send an AS2 message back to the partner that corresponds to a functional acknowledgement (EDI 997 format).\\n7.3.1  Primary scenario\\nAs you can see in Figure 7-1, the scenario can be divided into two logical data flows:\\n/SM590000The inbound flow, where we receive the AS2 message containing the X12-850 purchase \\norder from the trading partner\\n/SM590000The outbound flow, where we send the corresponding AS2 message containing the \\nX12-997 functional acknowledgement to the trading partner that was generated by Sterling Integrator\\nNext we describe each step as the data flows through the XB62, pictured in Figure 7-1:\\n1. An EDI-850 payload is wrapped in an AS2 message envelope and sent to the B2B \\nappliance sitting in the DMZ.\\n2. The B2B appliance receives the AS2 message, verifies the partner information, and \\nunpackages the AS2 envelope.\\n3. The B2B Gateway routes the X12-850 to the MQ queue defined in the internal partner \\nprofile’s destination setting.\\n4. After the X12-850 is successfully written to the MQ queue the B2B Gateway generates \\nand sends an AS2 message disposition notification (MDN) back to the sending partner’s system to inform it that the message was successfully received and the B2B Gateway marks the X12-850 transaction as complete.\\n5. Sterling Integrator picks up the X12-850.\\n6. Sterling Integrator validates its using WTX, generates an X12-997, routes the X12-997 to \\nan out queue that is linked to the XB62 B2B Gateway.Tip: It is important to point out that we are only demonstrating a single EDI transaction flow \\nand its acknowledgement in this section. In most cases, a customer’s supply chain pattern might contain multiple transactions that represent a full conversation. For example, a purchase order might be responded to with an advanced ship notice (X12-856) and an invoice (X12-810) that are related to the order that was received. 264 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions7. Sterling Integrator uses a map created using the WTX X12 Industry pack to transform the \\nX12-850 to XML.\\n8. The B2B Gateway picks up the X12-997 from the out queue.\\n9. The B2B Gateway identifies the sending and receiving partner from the ISA header, \\napplies the attributes as defined in the receiving partner profile and wraps the X12-997 in an AS2 messaging envelope as defined in the external partner profile’s destination setting.\\n10.The B2B Gateway routes the AS2 message carrying the X12-997 payload to the external \\ntrading partner’s configured destination. \\n11.The external trading partner sends a message disposition notification (MDN) to the B2B \\nGateway to inform it that the message was successfully received.\\n12.The B2B Gateway logs the X12-997 transaction as complete.\\nFigure 7-1   Supply Chain - purchase order data flow\\n7.3.2  Alternate scenarios\\nThe primary scenario just described demonstrates how Sterling can integrate with IBM \\nproducts to give the customer the most comprehensive capabilities possible to meet their most challenging B2B integration needs. However, not all customers need to support complex B2B flows and could potentially benefit from an alternative less comprehensive solution. This section lists some of the possible alternatives.\\n/SM590000If your company has no need to provide comprehensive security and B2B integration \\ncapabilities in the DMZ and only  need to proxy data to Ster ling Integrator, you can place \\nSterling Secure Proxy or a standard TCP/IP based proxy in the DMZ instead of DataPower.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 265/SM590000If your company standardized on WebSphere for Internal integration, you can use \\nWebSphere DataPower in the DMZ and WebSphere Message Broker in conjunction with WebSphere Transformation Extender in the secured network to meet your needs.\\n/SM590000If your company standardized on Gentran Integration for EDI, you can use it in this \\nscenario instead of WebSphere Transformation Extender.\\n7.4  Configuring the scenario\\nThis section describes how to configure each product used in the primary scenario depicted in Figure 7-1 on page 264 as well as testing the both the inbound and outbound data flows.\\nThe following artifacts are needed to support this configuration and can be downloaded using \\nthe instructions found in Appendix A, “Additional material” on page 333.\\nXB62 artifacts:\\n/SM590000SCS_DataPowerArtifacts.zip  (contains DataPower Import file to fully configure the \\nsimulated partner, the X.509 certificates used in the profiles and the EDI test file).\\n/SM590000SCS_WTXArtifacts1.zip  (contains the compliance artifacts needed to execute the X12 \\ncompliance maps. When extracted, the zip creates the directory structure, and puts all configuration files and map files in the proper location. The zip should be extracted at the root directory of the server that hosts the Sterling B2B Integrator).\\n/SM590000SCS_WTXArtifacts2.zip  (contains the Project Interchange needed to create the Extender \\nProject needed to build the maps needed for this scenario. From within WebSphere Transformation Extender Design Studio, import this zip as a Project Interchange).\\n7.4.1  Configuring the IBM WebSphere B2B Appliance XB62\\nThis section contains the steps involved in configuring the WebSphere DataPower B2B \\nAppliance XB62 to trade AS2 messages with your trading partners, More specifically, it covers these tasks:\\n/SM590000Import of the simulated Trading Partner B2B hub into the XB62\\n/SM590000Creation of an Application Domain to be used to house your B2B hub:\\n– Creation of your internal profile, which is composed of your company\\'s trading \\ninformation and your keys and certificates.\\n– Creation of the trading partner\\'s external profile, which is composed of your partner\\'s \\ntrading information and their public certificate.\\n– Configuration of the XB60 B2B Gateway for trading AS2 messages:\\n\\x81 Creation of an AS2 Front-side Protocol Handler to be used for receiving AS2 \\nmessages from trading partners\\n\\x81 Creation of an HTTP Front-side Protocol Handler to be used for receiving files from \\nthe backend systems\\n\\x81 Association of profiles with the B2B Gateway\\n\\x81 Configuration of an data archive process to keep the system free of outdated \\ntransaction data 266 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsAfter you have completed this section, you can expect to have a better understanding of what \\nit takes to configure the XB60 for AS2 communication.\\nImport the simulated trading partner domain\\nThe DataPower XB62 has the ability to logically se parate configurations by allowing multiple \\nDataPower Domains to be  configured on the device. We use this ability to create a simulated \\ntrading partner to trade AS2 with. Unlike traditional B2B Software, a separate instance and/or install of the B2B Gateway is not needed to simulate trading partners:\\n1. Launch your Internet browser and log on to the XB62\\'s Web GUI as \\nAdmin  into the default  \\ndomain. Y ou need Admin privileges to configure many of the objects.\\n2. From the console, click the  Import Configuration link as shown in Figure 7-2.\\nFigure 7-2   Import Configuration\\n3. In the Import Configuration view (Figure 7-3) be sure that the ZIP radio button is selected \\nand click the  Choose File button. Navigate to the directory where you placed the \\nadditional materials for this chapter, and select the SCS_PARTNER_DOMAIN.zip  file. Click the \\nNext  button to continue.Installation:  The installation of the XB62 is not covered in this book. For information about \\nhow to install DataPower Appliances, see the DataPower Common Installation Guide . For \\nthe purpose of this book, we configure a B2B Gateway in a single domain to act as your B2B hub. The Partner\\'s B2B hub is pre-configured and is imported into its own Domain to allow us to simulate a Trading Partner without the need for another machine. \\nThis book assumes that you are using your own XB62 and have Admin access to the \\ndevice. All IP addresses, ports, queues, object names, and so on, reflected are for the purpose of this example only. Y our actual configuration can differ and contain settings specific to your environment.\\nDependencies:  This configuration is dependent on a connection to an MQ Queue \\nManager for delivering files to Sterling Integrator. Be sure you have access to an MQ Queue Manager and the queues that you intend to use prior to configuring the MQ Queue Manager object in DataPower. \\n Chapter 7. Supply Chain scenario using AS2 and EDI 267Figure 7-3   Import Configuration - Browse File\\n4. The Import Configuration view (Figure 7-4) displays information regarding the domain to \\nbe imported. Be sure to check the box next to the Partner  domain and click Next to \\ncontinue.\\nFigure 7-4   Import Configuration - Select Partner domain\\n5. The Import Configuration view displays a list of objects to be imported, a list of objects that \\nalready exist and a list of files that can differ from existing files. The objects that we need should already be checked, so click the Import button to continue.\\n6. The Import Configuration view disp lays the results of the import. Click the Done  button to \\ncomplete the import.\\n7. Click the Save Config  link in the top menu bar just to the left of the Domain drop-down.\\n 268 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsConfigure the Partner Domain\\nDataPower has a built in security  mechanism that prevents the us er from having the ability to \\nexport keys and certificates from the device. Because DataPower does not allow the export of keys and certificates, we must associate the keys and certificates used for trading AS2 to the internal and external partner profiles associated with the Partner gateway.\\nFollow these steps:\\n1. Change into the Partner  domain by clicking the drop-down next to \\nDomain  on the top \\nmenu bar. See Figure 7-5.\\nFigure 7-5   Change Domains\\n2. From the Control Panel , click the B2B Partner Profiles  link as seen in Figure 7-6. The \\nprofile list as seen in Figure 7-7 shows both the internal and external profiles are down.\\nFigure 7-6   Control Panel - Profile Link\\nFigure 7-7   Profile List View - downTip: In the Partner’s domain, your profile. mycompany, is an external profile. It is because \\nthe partner’s B2B Gateway sees you as an external entity, and only your public certificates are available to the partner. Later in this chapter, you can create your own Domain where the partner profile is external and your profile is internal.\\nIf you are new to DataPower B2B, the concept of internal and external partner profiles \\nmight be confusing. For a good explanation of this concept, see section 7.1.1 in the book, IBM WebSphere DataPower B2B Appliance XB60 Revealed , SG24-7745.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 2693. Click mycompany  in the Name  column to edit the profile.\\nc. In the Configure B2B Partner Profile  view click the AS Settings  tab.\\nd. In the Inbound Security section, click the Edit (...) button next to the Inbound \\nSignature Validation Credential field. See Figure 7-8.\\nFigure 7-8   Configure mycompany AS Settings\\ne. In the Configure Crypto Validat ion Credentials, view, click the pencil  just to the right of \\nMycompany_Cert in the Certificates field.\\nf. In the Configure Crypto Certificate view, click the Upload button next to the File Name \\nfield.\\ng. In the Upload File to Directory cert:/// view, click Choose File  just under the File to \\nUpload field. Navigate to the location where you unzipped the SCS_DataPowerArtifacts.zip  file, select the mycompany-sscert.pem  file and click \\nOpen .\\nh. Be sure Overwrite Existing File  is checked, then click the Upload  button at the \\nbottom of the view.\\ni. Click Continue  in the upload success window. It puts you back into the Configure \\nCrypto Certificate view.\\nj. Click the Apply  button in the Configure Crypto Certificate view. It  puts you back into the \\nConfigure Crypto Validation Credentials view.\\nk. Click the Apply  button in the Configure Crypto Validation Credentials view. It puts you \\nback into the AS Settings  tab of the Configure B2B Partner Profile view.\\nl. Click the Apply  button in the Configure B2B Partner Profile view. It puts the \\nmycompany profile in an Up state.\\nm. Click Save Config  on the top menu bar, just to the right of the Domain drop-down.\\n 270 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions4. To quickly return to the profile list view, click the B2B Partner Profile  portion of the \\nConfigure B2B Partner Profile at the top of the view, as shown in Figure 7-9.\\nFigure 7-9   Return to the profile list view\\n5. Click the Partner  profile to edit it:\\na. In the Configure B2B Partner Profile view, click the AS Settings tab.\\nb. In the Inbound Security section, leave the Require Signature and Require Encryption \\nboxes unchecked and click the edit (...) button next to Inbound Decryption Identification \\nCredential field. See Figure 7-10.\\nFigure 7-10   Configure Partner AS settings\\nc. In the Configure Crypto Identification Credentials view, click the  edit (...)  button next to \\nthe Crypto Key field.\\nd. In the Configure Crypto Key view, click the Upload  button next to the File Name field.\\ne. In the Upload File to Directory cert:/// view, click Choose File under the File to Upload \\nfield. Navigate to the location where you unzipped the SCS_DataPowerArtifacts.zip  \\nfile, select the partner-privkey.pem  file, and click Open .\\nf. Be sure Overwrite Existing File  is checked, then click the Upload  button at the \\nbottom of the view.\\ng. Click  Continue  in the upload success window. It puts you back into the Configure \\nCrypto Key view.\\nh. Click the Apply button in the Configure Crypto Key view. It puts you back into the \\nConfigure Crypto Identification Credentials view.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 271i. In the Configure Crypto Identification Credentials view, click the edit (...)  button next to \\nthe Certificate field.\\nj. In the Configure Crypto Certificate view, click the Upload  button next to the File Name \\nfield.\\nk. In the Upload File to Directory cert:/// view, click Choose File  under the File to Upload \\nfield. Navigate to the location where you unzipped SCS_DataPowerArtifacts.zip , \\nselect the partner-sscert.pem  file, and click Open .\\nl. Be sure Overwrite Existing File is checked, then click the Upload  button at the bottom \\nof the view.\\nm. Click Continue  in the upload success window. It puts you back into the Configure \\nCrypto Certificate view.\\nn. Click the Apply  button in the Configure Crypto Certificate view. It  puts you back into the \\nConfigure Crypto Identification Credentials view.\\no. Click the Apply  button in the Configure Crypto Identification Credentials view. It puts \\nyou back into the AS Settings tab of the Configure B2B Partner Profile view.\\np. Click the Apply  button in the Configure B2B Partner Profile view. It puts the Partner \\nprofile in an Up state.\\nq. Click Save Config  on the top menu bar, just to the right of the Domain drop-down.\\nCreate your Appl ication Domain\\nIn this section you are creating a domain to be used to house the configuration needed to \\nsupport your B2B flows. \\nFollow these steps:\\n1. Change back into the default domain by clicking the drop-down next to Domain on the top \\nmenu bar. \\n2. In the left navigation menu, search on the word “Application” and select Application \\nDomain  as seen in Figure 7-11.\\nFigure 7-11   Left navigation menu - search for Application DomainNext:  Y ou have completed the import and configuration of your simulated trading partner. \\nYou are now ready to create your application domain to be used to house your profiles and your B2B Gateway service.\\nTip: If you already understand how to configure the DataPower XB62 for connecting to \\nyour AS2 trading partners, you can bypass this section by importing SCS_MYDOMAIN_DOMAIN.zip  from the location where you unzipped \\nSCS_DataPowerArtifacts.zip . Be sure to import the appropriate certificates in the AS \\nSettings tabs for both profiles, just like you did for the Partner domain.\\n 272 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions3. In the Configure Appl ication Domain view, Main  tab, enter a descriptive name in the Name \\nfield. In this example, we used MyDomain.\\n4. Check the Enable Auditing and Enable Logging boxes at the bottom of the view and click \\nthe Apply  button to create the domain.\\n5. Click Save Config  on the top menu bar, just to the right of the Domain drop-down.\\n6. Switch into your newly created domain by clicking the drop-down next to Domain in the top \\nmenu bar and selecting MyDomain.\\nCreate an MQ Manager Object\\nFollow these steps:\\n1. In the left navigation menu, search on MQ and select MQ Queue Manager.\\n2. In the Configure MQ Queue Manager list view click in the Add button to create a Queue \\nManager Object.\\n3. Configure the Main  tab as described in the following steps. See Figure 7-12.\\na. In the Name field, enter a descriptive name for the MQ Queue Manager object; in this \\nexample we used B2B02.\\nb. Check enabled  in the Administrative State field.\\nc. Optionally add comments that describe this MQ Queue Manager object.d. In the Host Name field, enter the IP address or host name and port of the MQ server \\nyou are connecting to; in this example we used 9.42.170.226:1414.\\ne. In the Queue Manager Name field, enter the name of the MQ Queue Manager your are \\nconnecting to; in this example we used B2B02.\\nf. In the Channel Name field, enter the name of the MQ connection channel you are \\nconnecting to; in this example we used B2B.SUPPL YCHAIN.DP .\\ng. Enter the username used to connect to the channel that is being used. In this example, \\nwe used an internal name that has the appropriate rights on the MQ Server.Tip: From this point forward, all of your configuration is done in MYDOMAIN. For the \\npurpose of this lab, we stay logged in as admin, however, in a real world deployment, you normally create a User ID and assign appropriate rights to the user that enables them to create and configure objects in this domain, restricting access to the default domain to only the primary Admin user.\\nTip: The best practice for connecting to MQ is to leave the user empty in the DataPower \\nconfig, and to insert a local technical user  with limited access in the MQ config. \\nAuthorization is managed by the rights of this user and Authentication would best be done through SSL.  Chapter 7. Supply Chain scenario using AS2 and EDI 273Figure 7-12   MQ Queue Manager Configuration - Main tab\\n4. Configure the Connections tab as described in the following steps. See Figure 7-13.\\na. Click the Connections  tab; the Name field carries over to the Connections view; \\ndo not change it.\\nb. In the Retry Behavior section, change the retry settings as described here:\\ni. Be sure the Automatic Retry is set to on.\\nii. Set the Retry Interval to 60 seconds.iii. Set the Retry Attemp ts to 3 attempts.\\niv. Set the Long Retry Interval to 600 seconds\\nv. Set the Reporting Interval to 300 seconds.vi. Leave the default values in all remaining fields. \\n 274 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 7-13   MQ Queue Manager  Configuration - Connection tab\\n5. Click the Apply  button at the top left of the Configure MQ Queue Manager view to \\ncomplete the MQ Queue Manager configuration.\\n6. Click Save Config on the top menu bar, just to the right of the Domain drop-down.\\nTip: If DataPower can connect to your queue manager, it is in an Up state. Otherwise, if it \\nis in a Down state, you cannot  write the files to the MQ backend as demonstrated in this \\nexample until you resolve the connectivity issue.\\nNext:  Y ou have completed the configuration of a MQ Queue Manager object to be used in \\nour example as the back-side integration exchange point. Y ou are now ready to create your internal partner profile.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 275Create your internal profile\\nIn this section, you are creating your company\\'s profile to be used for identifying yourself to \\nyour external trading partner, for applying trading partner policy or agreement attributes to the connection, and for integrating to the backend system; WebSphere MQ in this example:\\n1. Click the B2B Partner Profile  icon in the Control Panel view.\\n2. In the Configure B2B Partner Profile list view, click the  Add  button to create your internal \\nprofile. \\n3. Configure the Main  tab as described in the following steps. See Figure 7-14.\\na. In the Name field, enter a descriptive name for your Internal Profile; in this example we \\nused mycompany.\\nb. Choose enabled  in the Administrative State field.\\nc. Optionally add comments that describe this profile.d. Choose Internal  in the Profile Type field.\\ne. In the Partner Business IDs field, enter your IDs; in this example, we used \\nZZMYCOMPANY, which matches the EDI file that we test later in this chapter. Type in the ID and click the  Add  button.\\nf. Leave all remaining fields set to the default values.\\nFigure 7-14   Configure internal partner profile - Main tab\\nTip: Do not click the Apply  button at this point. We  still have some required \\nconfiguration needed to complete this profile.\\n 276 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions4. Configure the AS Settings  tab as described in the following steps:\\na. Click the AS Settings tab. The Name field carries over to the AS Settings view. \\nDo not change it.\\nb. In the Inbound Security section, leave the Require Signature and Require Encryption \\nboxes unchecked and click the plus sign  icon to create a new Inbound Decryption \\nIdentification Credential. See Figure 7-15.\\nFigure 7-15   Configure internal partner profile - AS Settings tab\\nc. In the Configure Crypto Identification Credentials view Name field, enter a descriptive \\nname for this credential. In this example, we used mycompany_decrypt. See Figure 7-16.\\nd. Choose enabled  in the Admin State field.\\ne. Click the plus sign  icon next to the Crypto Key field to create/upload the Crypto Key.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 277Figure 7-16   Configure Cryp to Identification Credentials\\nf. In the Configure Crypto Key view Name field, enter a descriptive name for this key. In \\nthis example, we used mycompany_privkey.\\ni. Choose enabled  in the Admin State field.\\nii. Click the Upload  button in the File Name field.\\niii. In the Upload File to Directory cert:/// view, click Choose File  under the File to \\nUpload field. Navigate to the location where you unzipped the \\nSCS_DataPowerArtifacts.zip  file, select the mycompany-privkey.pem  file and click \\nOpen .\\niv. Be sure Overwrite Existing File  is checked, then click the Upload  button at the \\nbottom of the view.\\nv. Click Continue in the upload success window. It puts you back into the Configure \\nCrypto Key view.\\nvi. Enter the password used for the mycompany-privkey.pem file in both fields. In this \\nexample, the key password is “datapower”.\\nvii. Click the Apply button in the Configure Crypto Key view. It puts you back into the \\nConfigure Crypto Identification Credentials view.\\ng. Now that we are back in Configure Crypto Identification Credentials view, we need to \\nupload the certificate that is associated with th e key. Click the  plus sign icon next to \\nthe Certificate field to create/upload the Certificate. See Figure 7-16.\\nh. In the Configure Crypto Certificate view, Name field, enter a descriptive name for this \\ncert. In this example, we used “mycompany_cert”.\\ni. Choose enabled  in the Admin State field.\\nii. Click the Upload  button in the File Name field.\\n 278 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutionsiii. In the Upload File to Directory cert:/// view, click Choose File  under the File to \\nUpload field and navigate to the location where you unzipped the SCS_DataPowerArtifacts.zip , select the mycompany-sscert.pem  file and click Open .\\niv. Be sure Overwrite Existing F ile is checked then click the Upload  button at the \\nbottom of the view.\\nv. Click Continue  in the upload success window. It puts you back into the Configure \\nCrypto Certificate view.\\nvi. Leave the Password fields blank (they are not needed for the certificate) and take \\nthe defaults for everything else.\\nvii. Click the  Apply  button in the Configure Crypto Certificate view. It puts you back into \\nthe Configure Crypto Identification Credentials view.\\ni. In the Configure Crypto Identification Credentials view, leave the Intermediate CA \\nCertificate field empty because we are using Self-Signed Certificates.\\nj. After both credentials are configured, click the  Apply  button, which puts you back into \\nthe AS Settings view.\\nk. In the Outbound Security section be sure the Sign Outbound Messages box is checked \\nand click the plus sign  button to create a new Signing Identification Credential. See \\nFigure 7-17.\\nFigure 7-17   Outbound Security  - Signing Identification Credentials\\n Chapter 7. Supply Chain scenario using AS2 and EDI 279l. In the Configure Crypto Identification Credentials view, Name field, enter a descriptive \\nname for this credential; in this example we used mycompany_signature_cred.\\ni. Choose enabled  in the Admin State field.\\nii. Because we using the same key to decryp t and sign we can use the key and cert \\nthat we already imported, click the drop-down next to the Crypto Key and the Certificate fields and select the same credentials we used for inbound security. \\niii. In the Configure Crypto Id entification Credentials screen , leave the Intermediate CA \\nCertificate field empty because we are using Self-Signed Certificates.\\niv. After both credentials are configured as seen in Figure 7-18, click the  Apply  button, \\nwhich puts you back into the AS Settings screen.\\nv. In the AS Settings view, leave all of the remaining fields set to the default values.\\nFigure 7-18   Outbound Security - Configure Crypto Identification Credentials - completed\\n5. Configure the Destinations  tab as described in the following steps:\\na. Click the Destinations  tab. The Name field carries over to the Destinations view. \\nDo not change it. See Figure 7-19.\\nb. In the Destinations section, click the Add button to add a destination to this profile. \\nBecause this profile is an internal profile the destination is a system or application inside the private network. For this example, we are going to use MQ as an Integration exchange point.\\nc. Enter a descriptive name in the Destination Name field; in this example we used \\n“mycompany_MQ_B2B02”.\\nd. Be sure all of the boxes are checked under the Enabled Document Type section.Tip: Do not click the Apply  button at this point. We  still have some required \\nconfiguration needed to complete this profile.\\n 280 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutionse. In the Connection Section, Destination URL drop-down, select dpmq:// and enter \\n“B2B02/?RequestQueue=SUPPLY.B2B.REQUEST” .\\nf. In the Destinatio n Box, click the Apply  button at the bottom left to save the destination \\nto the list.\\nFigure 7-19   Mycompany Internal Profile - Destination Tab\\n6. Optionally configure the Partner Profile Contacts  tab.\\n7. Click the Apply  button in the top left corner of the Configure B2B Partner Profile view to \\nsave your internal profile.\\n8. Click Save Config  on the top menu bar, just to the right of the Domain drop-down.\\nNext:  Y ou have completed the configuration of your internal profile, you are now ready to \\ncreate the partner’s external profile.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 281Create the Partner’s external profile\\nIn this section, you are creating your trading partner’s profile to be used for verifying their \\nidentity, for applying trading partner policy or agreement attributes to the connection and for integrating to your external trading partner over a specified protocol, AS2 in this example.\\n1. If you are not already in the B2B Partner Profile list view, click the B2B Partner Profile  \\nicon in the Control Panel view.\\n2. In the Configure B2B Partner  Profile list view click the Add button to create your partner’s \\nexternal profile. \\n3. Configure the Main tab as described in the following steps. See Figure 7-20.\\na. In the Name field, enter a descriptive name for your Internal Profile. In this example, we \\nused “partner”.\\nb. Choose enabled  in the Administrative State field.\\nc. Optionally add comments that describe this profile.d. Choose External  in the Profile Type field.\\ne. In the Partner Business IDs field, enter your IDs; in this example we used ZZYOUR \\nCOMPANY which matches the EDI file that we test later in this chapter, type in the ID and click the Add button.\\nf. Leave all remaining fields set to the default values.\\nFigure 7-20   Configure external partner profile - Main tab\\nTip: Do not click the Apply  button at this point. We  still have some required \\nconfiguration needed to complete this profile.\\n 282 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions4. Configure the AS Settings tab as described in the following steps. \\na. Click the AS Settings  tab; the Name field carries over to the AS Settings view, do not \\nchange it.\\nb. In the Inbound Security section, click the plus sign  button to create a new Inbound \\nSignature Validation Credential. See Figure 7-21.\\nFigure 7-21   Configure external partner profile - AS Settings tab\\nc. In the Configure Crypto Validation Credentials view, Name field, enter a descriptive \\nname for this credential. In this example, we used “partner_signval”. See Figure 7-22 on page 283.\\nd. Choose enabled  in the Admin State field.\\ne. Click the plus sign  button next to the Add button in the Certificates field to \\ncreate/upload the partner’s certificate.\\nf. In the Configure Crypto Certificate view, enter a descriptive name for the crypto \\ncertificate. In this example, we used “partner_cert”.\\ng. Click the Upload  button next to the File Name field.\\nh. In the Upload File to Directory cert:/// view, click Choose File  just under the File to \\nUpload field. Navigate to the location where you unzipped the SCS_DataPowerArtifacts.zip  file, select the partner-sscert.pem file, and click Open .\\ni. Be sure Overwrite Existing F ile is checked then click the  Upload  button at the bottom \\nof the view.\\nj. Click Continue  in the upload success window. It puts you back into the Configure \\nCrypto Certificate view.\\nk. Leave the password fields blank, public certs do not need passwords.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 283l. Click the Apply  button in the Configure Crypto Certificate view. It  puts you back into the \\nConfigure Crypto Validation Credentials view.\\nm. Set Use CRL to Off.\\nn. Click the  Apply  button in the Configure Crypto Validation Credentials view. It puts you \\nback into the AS Settings tab of the Configure B2B Partner Profile view.\\nFigure 7-22   Inbound Security - Configure Crypto Validation Credentials\\nTip: Do not click the Apply  button at this point. We  still have some required \\nconfiguration needed to complete this profile.\\n 284 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions5. Configure the Destinations  tab as described in the following steps:\\na. Click the Destinations  tab; the Name field carries over to the Destinations view. \\nDo not change it. See Figure 7-23 and Figure 7-24.\\nb. In the Destinations section, click the Add button to add a destination to this profile. \\nBecause this profile is an external profile the destination is the trading partner’s URL, For this example we are going to use AS2 as  the preferred method of exchanging files.\\nc. Enter a descriptive name in the Destination Name field. In this example, we used \\n“Partner_AS2_31001”.\\nd. Be sure all of the boxes are checked under the Enabled Document Type section.\\ne. In the Connection Section, Destination URL drop-down select AS2:// and enter the IP \\naddress or host name of your XB62. For this example, we used 127.0.0.1:31001. Also change the Connection Timeout to 120 seconds.\\nf. In the AS Outbound Security section check the box next to Encrypt Messages, use the \\ndrop-down to select partner_cert and use the default value for Encryption Algorithm.\\ng. In the Advanced AS Behavior section, check the box next to Request MDN, change the \\nTime to Acknowledge to 120 and check the box next to Request Signed MDN.\\nh. Take the default values for all other fields.\\ni. In the Destinatio n Box, click the  Apply button at the bottom left to save the destination \\nto the list.\\nFigure 7-23   Mycompany External Profile - Configure Destination Tab\\n Chapter 7. Supply Chain scenario using AS2 and EDI 285Figure 7-24   Mycompany External Profile - Configure Destination Tab - AS2\\n 286 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions6. Optionally, configure the Partner Profile Contacts  tab.\\n7. Click the Apply  button in the top left corner of the Configure B2B Partner Profile view to \\nsave the partner’s external profile.\\n8. Click Save Config  on the top menu bar, just to the right of the Domain drop-down.\\nCreate your B2B Gateway Service\\nThe B2B Gateway service is the engine that ties everything together. It uses profile \\nmanagement to ensure that all data that passes through the service is associated with a trading partner agreement between you and your external partner. This service is capable of natively extracting business ID’s from EDI-X12, EDIFACT and XML files, if the files do not have business IDs to extract or are of a format the Gateway does not understand, they are treated as Binary and the business IDs can be  set using a Routing Pre-processor stylesheet. \\nFor this example we are using EDI-X12 payloads. For more information about how to \\nconfigure Binary trading relationship, see Chapters 12 and 13 in the Redbooks publication, IBM WebSphere DataPower B2B Appliance XB60 Revealed , SG24-7745. \\n1. From the Control Panel, click the B2B Gateway Service  icon, or search on “B2B” in the \\nleft navigation menu and select B2B Gateway Service.\\n2. In the Configure B2B Gateway list view, click the Add button.\\n3. Configure the  Main tab as described in the following steps. See Figure 7-25.\\na. Enter the B2B Gateway name in the Name field. In this example we used \\nMY_B2BGATEWAY .\\nb. Choose enabled  in the Administrative State field.\\nc. Optionally add comments that describe this gateway.\\nd. Take the defaults for the Document Storage Location and XML Manager fields.Next:  Y ou have completed the configuration of your partner’s external profile. Y ou are now \\nready to create your B2B Gateway Service. Chapter 7. Supply Chain scenario using AS2 and EDI 287Figure 7-25   Configure MyCompany B2B Gateway Service\\ne. In the Document Routing section, create and configure an AS2 Front Side Handler; this \\nhandler is used to receive AS2 messages an d MDNs from the trading partner, Click the \\nplus sign  in the Front Side Protocol Handlers list and select AS2 Front Side Handler. \\nSee Figure 7-26.\\ni. In the  Main  tab, Name field, enter a descriptive name for this listener. In this \\nexample, we used mycompany_as2_31020.\\nii. Choose enabled in the Admin State field.\\niii. Optionally add comments th at describe this handler.\\niv. Use 127.0.0.1 in the Local IP Address field. \\n 288 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutionsv. In the Port Number field, enter an available port number, in this example we used \\n31020.\\nvi. Use the default values for all other fields and click the Apply  button.\\nf. In the Front Side Protocol Handlers section, click ( + Add ) to add the listener to the \\nFront Side Protocol list.\\nFigure 7-26   Configure AS2 Front Side Protocol Handler\\ng. In the Document Routing section, create and configure a MQ Front Side Handler. This \\nhandler is used to receive the 997’s from the Sterling Integrator through MQ, Click the \\nplus sign  in the Front Side Protocol Handlers list and select MQ Front Side Handler. \\nSee Figure 7-27.\\ni. In the Main  tab, Name field, enter a descriptive name for this listener, in this \\nexample we used mycompany_MQ_ResponseQ.\\nii. Choose enabled  in the Admin State field.\\niii. Optionally add comments th at describe this handler.\\niv. In the Queue Manager field use the drop-down and choose the B2B02 Queue \\nManager object we created in the “Create an MQ Manager Object” on page 272 section of this book. \\nv. Enter the name of the Get Queue. This queue is the same name as you configured \\nin your MQ implementation, in this  example we used SUPPLY .B2B.RESPONSE.\\nvi. Use the default values for all other fields and click the Apply  button.Tip: In production deployments, you want to use a specific IP address that is \\nassociated to the Ethernet port being used for external communications. In this example, we are using two gateways on the local machine so we can use the local host IP .\\n Chapter 7. Supply Chain scenario using AS2 and EDI 289h. In the Front Side Protocol Handlers section click ( + Add ) to add the listener to the Front \\nSide Protocol list.\\nFigure 7-27   Configure MQ Front Side Handler\\ni. In the Attach Partner Profiles section, click the drop-down, select partner from the list, \\nand click the Add button to add the external partner profile.\\nj. In the Attach Partner Profiles section, click the drop-down again, select mycompany  \\nfrom the list, and click the Add button to add the internal partner profile.\\nk. Do not use Active Profile Groups, they are not needed in this example.\\n4. Configure the Archive  tab to purge documents as described in the following steps. See \\nFigure  on page 303.Tip: Do not click the  Apply button at this point. We still have some required \\nconfiguration needed to complete this profile.\\nTip: The Archive  tab is used to automatically keep the B2B document and metadata \\nstorage areas clean. There are two modes; Archive and Purge, and Purge Only. \\n 290 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutionsa. Click the Archive  tab. The Name field carries over to the Archive screen. \\nDo not change it.\\nb. In the Archive Mode field, use the drop-down and select Purge Only . We do not need \\nto Archive files in this example.\\nc. Use the defaults for all of the other fields. \\nFigure 7-28   Configure the Archive tab\\n5. The remaining tabs are not required and are not  used in this example. Click the Apply  \\nbutton at the top left to save the gateway.\\n6. Click Save Config on the top menu bar, just to the right of the Domain drop-down.\\n7.4.2  Configuring the IBM We bSphere Transformation Extender\\nAs stated in the introduction to this book, it is assumed that any WebSphere Transformation \\nExtender component that is needed has already been installed. For any scenario using WebSphere Transformation Extender, the Design Studio must be installed on a development platform in order to create the maps needed for translation. In this scenario, WebSphere Transformation Extender for Integration Servers has also been installed on the development platform, as well as on the server that is intended to host the Sterling B2B Integrator. Next:  Y ou have completed the configuration of your B2B Gateway Service, you are now \\nready to configure Sterling Integrator and WTX.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 291Setting up the Design Studio\\nDetails for setting up the Design Studio to integrate and deploy maps to Sterling B2B \\nIntegrator are discussed in detail in “Step 6: Configure WebSphere Transformation Extender” on page 145. Here we discuss the map used to translate the inbound message to the desired format for this scenario. We must also install the industry pack on the development platform and copy the library file edisvu.dll  that comes with the industry pack, compliance check maps \\nand other related files to the WebSphere Transformation Extender install folder on the server hosting Sterling B2B Integrator. See EDI Compliance Checking  documentation for details at \\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r4m0/index.jsp?topic=%2Fcom.ibm.websphere.dtx.edicc.doc%2Ftopics%2Fg_edi_compliance_check_overview.htm .\\nTranslating the message with W ebSphere Transformation Extender\\nFor this scenario, a single translation map is needed to transform the incoming EDI X12 850 \\nmessage into canonical xml form. After translation to canonical xml form, no further translation is needed, as the xml output from the transformation map is dropped by Sterling B2B Integrator onto the file system to be consumed by other processes. Transforming a canonical message to a target format is discussed in Chapter 6 of this book. The type tree representing the inbound EDI X12 850 message is a trimmed version of the type tree artifact supplied in the WebSphere Transformation Extender Industry Pack for EDI X12 (Figure 7-29).\\nThis scenario takes advantage of the built in integration in the Sterling B2B Integrator \\nDe-envelop service to execute WebSphere Transformation Extender maps. In order to take advantage of this integration, additional editing of the type tree beyond the trimming methodology discussed earlier in the document is required. The steps for customizing a type tree for integration with the Sterling B2B Integrator De-envelope service is described Pack for \\nEDI documentation that ships with the x12 industry pack and also found at this website:\\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r4m0/index.jsp?topic=%2Fcom.ibm.\\nwebsphere.dtx.packediref.doc%2Ftopics%2Fg_pkediref_Introduction.htm\\nFigure 7-29   ansi4010-850.mtt.mttTip: A platform specific version of the library f ile, edisvu, is provided in the pack for each \\nplatform supported to integrate the WebSphere Transformation Extender Pack for EDI X12.\\n 292 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsThe target format is xml. However, instead of using the native xml schema definition to \\nrepresent the output format, we chose to import the xml schema definition and generate a type tree to represent the xml. The reason that you would import a schema instead of using it it in its native form, is because sometimes there are rules related to elements in the xml that cannot be represented in a schema. Example 7-1 here shows the schema imported to create the type tree and Figure 7-30 on page 295 shows the type tree that was generated.\\nExample 7-1   XML Schema repr esentation of the purchase order\\n<?xml version=\"1.0\" encoding =\"UTF-8\"?>\\n<xs:schema  xmlns:xs =\"http://www.w3.org/2001/XMLSchema\"  \\nelementFormDefault =\"qualified\"  attributeFormDefault =\"unqualified\" >\\n<xs:element  name=\"OrderFile\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"FileHeader\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"Sender\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  ref=\"Contact\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Receiver\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  ref=\"Contact\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n  <xs:element  name=\"Order\" maxOccurs =\"unbounded\" >\\n      <xs:complexType >\\n      <xs:sequence >\\n      <xs:element  ref=\"Header\" />\\n      <xs:element  ref=\"DetailLoop\"  maxOccurs =\"unbounded\" />\\n      <xs:element  ref=\"Trailer\" />\\n     </xs:sequence >\\n     </xs:complexType >\\n      </xs:element >\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Header\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"PO_Purpose\" />\\n<xs:element  name=\"PO_Type\" />\\n<xs:element  name=\"PO_No\"/>\\n<xs:element  name=\"PO_Date\"  type=\"xs:date\" />\\n<xs:element  ref=\"SendTo\"  minOccurs =\"0\"/>\\n<xs:element  ref=\"Purchaser\"  minOccurs =\"0\"/> Chapter 7. Supply Chain scenario using AS2 and EDI 293<xs:element  ref=\"Vendor\"  minOccurs =\"0\"/>\\n<xs:element  ref=\"Consignee \" minOccurs =\"0\"/>\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"DetailLoop\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"ItemNumber\" />\\n<xs:element  name=\"Quantity\"  type=\"xs:decimal\" />\\n<xs:element  name=\"UOM\"/>\\n<xs:element  name=\"UnitPrice\"  type=\"xs:decimal\" />\\n<xs:sequence >\\n<xs:element  name=\"SubDetail\"  maxOccurs =\"10\">\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"ProductQualifier\" />\\n<xs:element  name=\"ProductDesc\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n</xs:sequence >\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Trailer\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"ItemCount\"  type=\"xs:integer\"  default=\"0\" \\nminOccurs =\"0\"/>\\n<xs:element  name=\"HashTotal\"  type=\"xs:decimal\"  default=\"0\" \\nminOccurs =\"0\"/>\\n<xs:element  name=\"AmountQualifier\"  minOccurs =\"0\"/>\\n<xs:element  name=\"Amount\"  type=\"xs:decimal\"  default=\"0\" \\nminOccurs =\"0\"/>\\n<xs:element  name=\"DebitCredit\"  minOccurs =\"0\"/>\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"SendTo\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  ref=\"Address\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Purchaser\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  ref=\"Address\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Vendor\" >\\n<xs:complexType > 294 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions<xs:sequence >\\n<xs:element  ref=\"Address\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Consignee \">\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  ref=\"Address\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Address\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"Name\"/>\\n<xs:element  name=\"Id\"/>\\n<xs:element  name=\"Street\"  minOccurs =\"0\" maxOccurs =\"2\"/>\\n<xs:element  name=\"City\" minOccurs =\"0\"/>\\n<xs:element  name=\"State\" minOccurs =\"0\"/>\\n<xs:element  name=\"ZipCode\"  minOccurs =\"0\"/>\\n<xs:element  name=\"Country\"  minOccurs =\"0\"/>\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Contact\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"Id\"/>\\n<xs:element  name=\"Qualifier\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n</xs:schema > Chapter 7. Supply Chain scenario using AS2 and EDI 295Figure 7-30   Type Tree generated by PO schema import\\nThe map used to translate the EDI X12 850 to XML is composed of one input card and two \\noutput cards: \\n/SM590000The input card is defined using the trimmed type tree shown in Figure 7-29 on page 291.\\n/SM590000The first output card is defined using the type tree shown in Figure 7-30.\\n/SM590000The second output card is defined using an unbounded string element shown in \\nFigure 7-31. This allows the map to return the xml representation of the purchase order when successful and nothing when it fails. \\n/SM590000The input card definition for the map is shown in Figure 7-32 on page 296.\\n/SM590000The first output card definition for the map is shown in Figure 7-33 on page 297.\\n/SM590000The second output card for the map is shown in Figure 7-34 on page 298.\\n/SM590000The map is shown in Figure 7-35 on page 299.Tip: The second output card is returned to the service, and the first output card is only \\nused as input to the second output card.\\n 296 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 7-31   Unbounded string element\\nFigure 7-32   Input card definition\\n Chapter 7. Supply Chain scenario using AS2 and EDI 297Figure 7-33   Output card 1 definition\\n 298 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 7-34   Output card 2 definition\\n Chapter 7. Supply Chain scenario using AS2 and EDI 299Figure 7-35   Map x12edi850toxml.mmc\\nAfter constructing the map using the map designer, you would then build and test locally. In \\norder to execute this map from the Sterling B2B Integrator de-envelope service, the map settings would need to be modified as described in the Pack for EDI  documentation that ships \\nwith the x12 industry pack:\\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r4m0/index.jsp?topic=%2Fcom.ibm.\\nwebsphere.dtx.packediref.doc%2Ftopics%2Fg_pkediref_Introduction.htm\\nIf the local build and test is successful, you would test on the Sterling B2B integrator using the \\nprocedure defined in Chapter 4, “Routing and transforming messages” on page 69. After this test is successful, you would then deploy the map to Sterling B2B Integrator using the method also described in Chapter 4. After the map is successfully deployed, it can be used in a business process.\\nThis chapter also makes use of the X12 compliance map system that ships with the industry \\npack. In order for the compliance map to execute properly it must be deployed to the server that hosts the Sterling B2B Integrator on the file system to a location that the Sterling B2B \\nIntegrator can access. deploying compliance check maps that ship with industry packs to be executed from Sterling B2B Integrator is described in the documentation that ships with the industry pack. For the scenario discussed in this chapter, this was done by extracting the file SC_Artifacts1.zip , referenced in 7.4, “Configuring the scenario” on page 265, so that the \\nstructure C:\\\\WTXMap  and its contents are created on the server. The compliance map is called \\nccx12.mmc and ships with 9 input cards and 12 output cards. \\n 300 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsThe compliance map is called as an external map, instead of from the Sterling B2B Integrator \\nmap repository. This means that it is execut ed from its location on the file system. The \\nbusiness process passes the EDI X12 850 data to the first input card. The other 8 input cards are used to grab the configuration data needed to run the compliance check.\\nFigure 7-36 shows the compliance map. An example of the 997 generated is shown in \\nExample 7-2.\\nFigure 7-36   Compliance Map ccx12.mmc\\nExample 7-2   997 generated by compliance\\nISA*00*          *00*          *ZZ*MYCOMPANY *ZZ*YOUR COMPANY \\n*111118*1205*U*00401*000000001*0*T*:GS*FA*MYCOMPANY*YOUR COMPANY*20111118*120523*1*X*004010ST*997*0001AK1*MY*35AK2*225*0001*005010AK5*R*5AK9*R*1*1*0SE*6*0001GE*1*1IEA*1*000000001\\n Chapter 7. Supply Chain scenario using AS2 and EDI 3017.4.3  Configuring IBM Sterling B2B Integrator\\nAfter the configuration is complete for WebSphere Transformation Extender, we must now \\nconfigure Sterling B2B Integrator to accept the inbound message and call the components deployed in the previous section.\\nThe process flow in Sterling B2B Integrator is to collect the message from the WebSphere \\nMQ queue, and then write that file to a the file system to preserve it. Then, another service in Sterling B2B Integrator, operating on a schedule, collects the file and initiates the de-enveloping of the message. As part of the de-enveloping, we do a compliance check of the EDI 850 file using WebSphere Transformation Extender, and then transform the message into a format for our backend application to process, again using WebSphere Transformation Extender. During the transformation, we also prepare an acknowledgement, which is an EDI 997, and then place that acknowledgement onto another WebSphere MQ queue for the appliance to return to the trading partner.\\nTo implement this portion of the scenario, we need to create the following items:\\n/SM590000A Business Process to collect the message from the WebSphere MQ queue and place it \\non the file system.\\n/SM590000File System Adapter configuration and schedule to collect the file and initiate the \\nde-enveloping.\\n/SM590000Envelopes for the inbound EDI 850 file:\\n– ISA-IEA\\n–G S - G E–S T - S E\\n/SM590000Envelopes for the outbound acknowledgement (EDI 997):\\n– ISA-IEA\\n–G S - G E–S T - S E\\n/SM590000A Business Process to send the acknowledgement (EDI 997) to WebSphere MQ queue for \\nthe return to the trading partner.\\nBusiness Process to collect the message from WebSphere MQ queue\\nThe first step is to configure a business process in Sterling B2B Integrator to collect the \\nmessage from the WebSphere MQ queue, and then to write this file out to a location on the file system to preserve it for the next step.\\nExample 7-3 is the BPML that we can use for the business process in this scenario.\\nExample 7-3   BPML for the ITSOSuppl ychain_GetMQ_FSExtract business process\\n<process name = \"ITSOSupplychain_GetMQ_FSExtract\"> \\n  <rule name=\"DocumentExists\">    <condition>string-length(PrimaryDocument/@SCIObjectID) &gt; 0</condition>  </rule>\\n  <sequence>\\n    <sequence name=\"Sequence Start\">      <operation name=\"WebSphereMQ Suite Open Session\">        <participant name=\"WSMQ_OpenSession\"/>        <output message=\"WSMQOpenSessionInputMessage\">          <assign to=\".\" from=\"*\"></assign>          <assign to=\"wsmq_channel\">B2B.SUPPLYCHAIN.DP</assign> 302 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions          <assign to=\"wsmq_debug\">No</assign>\\n          <assign to=\"wsmq_errorOnMQException\">Yes</assign>          <assign to=\"wsmq_hostname\">9.42.170.226</assign>          <assign to=\"wsmq_port\">1414</assign>          <assign to=\"wsmq_qmanager\">B2B02</assign>        </output>        <input message=\"inmsg\">          <assign to=\".\" from=\"*\"></assign>        </input>      </operation>\\n      <operation name=\"WebSphereMQ Suite Open Queue\">\\n        <participant name=\"WSMQ_OpenQueue\"/>        <output message=\"WSMQOpenQueueInputMessage\">          <assign to=\".\" from=\"*\"></assign>          <assign to=\"wsmq_errorOnMQException\">Yes</assign>          <assign to=\"wsmq_MQOO_type\">GET</assign>          <assign to=\"wsmq_qname\">SUPPLY.B2B.REQUEST</assign>        </output>        <input message=\"inmsg\">          <assign to=\".\" from=\"*\"></assign>        </input>      </operation>\\n      <operation name=\"WebSphereMQ Suite Get Message\">\\n        <participant name=\"WSMQ_GetMessage\"/>        <output message=\"WSMQGetMessageInputMessage\">          <assign to=\".\" from=\"*\"></assign>          <assign to=\"wsmq_docTracking\">Yes</assign>          <assign to=\"wsmq_errorOnMQException\">Yes</assign>          <assign to=\"wsmq_qname\">SUPPLY.B2B.REQUEST</assign>          <assign to=\"wsmq_type\">GETONE</assign>        </output>        <input message=\"inmsg\">          <assign to=\".\" from=\"*\"></assign>        </input>      </operation>\\n      <operation name=\"WebSphereMQ Suite Commit\">\\n        <participant name=\"WSMQ_Commit\"/>        <output message=\"WSMQCommitInputMessage\">          <assign to=\".\" from=\"*\"></assign>        </output>        <input message=\"inmsg\">          <assign to=\".\" from=\"*\"></assign>        </input>      </operation>\\n      <operation name=\"WebSphereMQ Suite Close Queue\">\\n        <participant name=\"WSMQ_CloseQueue\"/>        <output message=\"WSMQCloseQueueInputMessage\">          <assign to=\".\" from=\"*\"></assign>          <assign to=\"wsmq_qname\">SUPPLY.B2B.REQUEST</assign>        </output>        <input message=\"inmsg\"> Chapter 7. Supply Chain scenario using AS2 and EDI 303          <assign to=\".\" from=\"*\"></assign>\\n        </input>      </operation>\\n      <operation name=\"WebSphereMQ Suite Close Session\">\\n        <participant name=\"WSMQ_CloseSession\"/>        <output message=\"WSMQCloseSessionInputMessage\">          <assign to=\".\" from=\"*\"></assign>        </output>        <input message=\"inmsg\">          <assign to=\".\" from=\"*\"></assign>        </input>      </operation>\\n    </sequence>\\n    <choice>      <select>        <case ref=\"DocumentExists\" activity=\"Sequence Start\"/>        <case ref=\"DocumentExists\" negative=\"true\" activity=\"\"/>      </select>\\n      <sequence name=\"Sequence Start\">\\n        <operation name=\"File System Adapter\">          <participant name=\"ITSORetail_MQ_FSA\"/>          <output message=\"FileSystemInputMessage\">            <assign to=\".\" from=\"*\"></assign>            <assign to=\"Action\">FS_EXTRACT</assign>            <assign to=\"appendOnExtract\">false</assign>            <assign to=\"concatenateFiles\">false</assign>          </output>          <input message=\"inmsg\">            <assign to=\".\" from=\"*\"></assign>          </input>        </operation>\\n      </sequence>\\n      <sequence>        <assign to=\"false\" from=\"true\"></assign>      </sequence>    </choice>  </sequence></process>\\nNote that this business process is using a File System Adapter to extract the file to the file \\nsystem, which need to be created. It also uses a Rule to check for the existence of a document, which corresponds to the message received from the WebSphere MQ queue. If that document does not exist, the process simply ends without attempting to write the file out.\\nFile System Adapter co nfiguration and schedule\\nIn order to collect the file being written out in the previous step, and to begin the \\nde-enveloping process, we must create a File System Adapter configuration that is set to:\\n/SM590000Collect the file.\\n/SM590000Run on a schedule.\\n/SM590000Initiate (bootstrap) the proper business process. 304 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 7-37 is the File System Adapter used in this scenario.\\nFigure 7-37   ITSOSupplychain_Collect_FSA configuration\\nNote that we are going to “bootstrap” the process EDIInboundBootstrap, which initiates the \\nde-enveloping of the message. It uses the EDIDeenvelope service to call the X12DeenvelopeUnified business process to de-envelope the message, create the acknowledgement, and then write the transformed message out to the file system for the ‘backend’ application.\\nThis File System Adapter is set to run on a 1-minute schedule, which ensures that any files \\nplaced in the collection folder are collected and processed almost immediately.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 305Envelopes for the inbound EDI 850 file\\nFor the message being collected, we need to configure standard X12 inbound envelopes for \\nthe EDI 850 type.\\nWe need to create an envelope at each of the three standard levels:\\n/SM590000ISA-IEA\\n/SM590000GS-GE\\n/SM590000ST -SE\\nWhen creating the envelopes, there are several items we need to take into account:\\n/SM590000In order to use WebSphere Transformation Extender to check the compliance of the \\nmessage, we need to specify “Y es” to “Use WTX compliance checking” in the ISA-IEA envelope.\\n/SM590000We need to ensure that we select “Y es” to “Generate an Acknowledgement when this \\ngroup is received” in the GS-GE level envelope. In addition, we must also specify the format of the acknowledgement to create, in this case, an EDI 997. We also need to set “Translate and/or Compliance Check Document” to “Yes”. \\n/SM590000In the ST-SE level, we must specify the map to be used to transform the data. In this case, \\nwe select a WebSphere Transformation Extender map, named ‘x12edi850toxml’, that was checked into Sterling B2B Integrator. We also set “Translate and/or Compliance Check Document” to “Yes”.\\n/SM590000Also in the ST-SE level, be sure to select the option “Extract to a file system directory” for \\nthe “Extraction Options,” and specify the location on the file system where the backend application can collect the file.\\nEnvelopes for the outbound acknowledgement (EDI 997)\\nSimilar to the previous situation, we must also create envelopes at each standard level for the \\nEDI 997 that is prepared as part of the de-enveloping of the message.\\nThe following three envelopes must be created:\\n/SM590000ISA-ISE\\n/SM590000GS-GE\\n/SM590000ST -SE\\nFor each of these envelopes, we need to specify that each is for Outbound X12. In the \\nISA-IEA level, we specify the business process to run to output this acknowledgement to the WebSphere MQ queue for return to the trading partner. The business process itself is described in the next section. 306 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsBusiness Process to send acknowl edgement to WebSphere MQ queue\\nFinally, we must create the business process to be called by the X12EnvelopeUnified process \\nthat is initiated when the acknowledgement is created and enveloped. This business process is used to send the acknowledgement, in this case, an EDI 997, back by the WebSphere MQ queue to the appliance, for eventual transmission back to the trading partner.\\nExample 7-4 is the BPML of the this process. Note that this process is quite simple, taking the \\nEDI 997 message and putting it to the WebSphere MQ queue.\\nExample 7-4   BPML of the ITSOSupplyChain_Put_MQ process\\n<process name = \"ITSOSupplychain_Put_MQ\">   <sequence name=\"Sequence Start\">    <operation name=\"WebSphereMQ Suite Open Session\">      <participant name=\"WSMQ_OpenSession\"/>      <output message=\"WSMQOpenSessionInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"wsmq_channel\">B2B.SUPPLYCHAIN.DP</assign>        <assign to=\"wsmq_debug\">No</assign>        <assign to=\"wsmq_errorOnMQException\">Yes</assign>        <assign to=\"wsmq_hostname\">9.42.170.226</assign>        <assign to=\"wsmq_port\">1414</assign>        <assign to=\"wsmq_qmanager\">B2B02</assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WebSphereMQ Suite Open Queue\">\\n      <participant name=\"WSMQ_OpenQueue\"/>      <output message=\"WSMQOpenQueueInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"wsmq_errorOnMQException\">Yes</assign>        <assign to=\"wsmq_MQOO_type\">PUT</assign>        <assign to=\"wsmq_qname\">SUPPLY.B2B.RESPONSE</assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WebSphereMQ Suite Put Message\">\\n      <participant name=\"WSMQ_PutMessage\"/>      <output message=\"WSMQPutMessageInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"wsmq_docTracking\">Yes</assign>        <assign to=\"wsmq_errorOnMQException\">Yes</assign>        <assign to=\"wsmq_qname\">SUPPLY.B2B.RESPONSE</assign>        <assign to=\"wsmq_send_retryCount\">10</assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation> Chapter 7. Supply Chain scenario using AS2 and EDI 307    <operation name=\"WebSphereMQ Suite Commit\">\\n      <participant name=\"WSMQ_Commit\"/>      <output message=\"WSMQCommitInputMessage\">        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WebSphereMQ Suite Close Queue\">\\n      <participant name=\"WSMQ_CloseQueue\"/>      <output message=\"WSMQCloseQueueInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"wsmq_qname\">SUPPLY.B2B.RESPONSE</assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WebSphereMQ Suite Close Session\">\\n      <participant name=\"WSMQ_CloseSession\"/>      <output message=\"WSMQCloseSessionInputMessage\">        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n  </sequence>\\n</process>\\nThis process is set to handle only a single message, and would be called to output this \\nacknowledgement each time one is created by the X12EnvelopeUnified process.\\n7.5  Testing the scenario\\nIn this section, we are testing the end-to-end flow through our configuration of the four IBM \\nproducts used in this scenario (DataPower XB62, WebSphere MQ, Sterling Integrator, and \\nWTX). As depicted in the scenario overview in Figure 7-1 on page 264, we consume an AS2 message containing an EDI-X12 purchase order (850) from the external trading partner and \\nreturn an EDI-X12 functional acknowledgment (997) that is wrapped in an AS2 message envelope. \\nIn the Partner\\'s B2B Gateway, we are using a simulated backend, which communicates over \\nan http connection.   For the purpose of this scenario, we start the transfer from the external partner’s backend and send the 850 over the partner’s http integration point using an HTTP Utility. You can use any utility you are comfortable with, in this test we are using a tool called \\nNetTool. 308 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions7.5.1  Inbound flow\\nFollow these steps:\\n1. Locate the x12_4010_850.in  file the location where you unzipped \\nSCS_DataPowerArtifacts.zip  to, use your HTTP utility to post it to the partner’s http Front \\nSide Handler, in this example we used the IP of our XB62 and a port of 31002. Figure 7-38 depicts what the post looks lik e when using the NetTool utility.\\nFigure 7-38   NetTool post of sample EDI PO\\n2. The Partner\\'s B2B gateway parses the RAW EDI 850 file, recognizes that it is X12, and \\nextracts the Sender and Receiver information from the file. Figure 7-39 shows where the sender (ZZYOUR COMPANY) and receiver (ZZMYCOMPANY) information is located in the EDI 850 file. \\nFigure 7-39   EDI 850 from PartnerISA*00*          *00*          *ZZ*YOUR COMPANY   *ZZ*MYCOMPANY      *100227*0545*U*00401*000008160*0*P*>GS*PO*YOUR COMPANY*MYCOMPANY*20100227*0545*2775*X*004010ST*850*0000002BEG*00*SA*051598**20100225N1*ST*THE DEF CO.*ZZ*EEN3*1234 MAIN ST.N3*SUITE XYZN4*ANYTOWN*MA*55555\\n Chapter 7. Supply Chain scenario using AS2 and EDI 3093. Based on the destination configuration in the mycompany external profile in the Partner’s \\nB2B Gateway, the file is packaged in AS2 and sent to your B2B Gateway.\\n4. Y our B2B Gateway receives the AS2 message at the AS2 Front-side Handler and extracts \\nthe Sender and Receiver information from the AS2 headers. Figure 7-40 shows where the AS2-From (ZZYOUR COMPANY) and AS2-To: (ZZMYCOMPANY) information is located.\\nFigure 7-40   Sample AS2 header\\n5. Y our B2B Gateway Service unpackages the AS2 Envelope, looks up the partner \\ninformation, and verifies that the partners exist and are allowed to trade EDI documents. It \\nlooks at the Destination that is configured for the receiving profile and delivers the EDI 850 \\nfile to the backside. In this example, our backside is a WebSphere MQ queue that is being monitored by Sterling Integrator.\\n6. After the EDI 850 is successfully delivered to MQ, your B2B Gateway sends an AS2 MDN \\nto the Partner informing them that the transaction was successfully received.POST / HTTP/1.1\\nHost: 127.0.0.1:31020Cookie: Via: 1.1 AwAAADEAAAA-X-CLIENT-IP: 9.76.194.232Date: Fri, 16 Dec 2011 07:28:40 GMTAS2-From: \"ZZYOUR COMPANY\"AS2-To: ZZMYCOMPANYAS2-Version: 1.1Message-ID: <a9bdb845-c147-41c3-ab0f-a8415f4d9222@9.70.153.61>Subject: ZZMYCOMPANY;ZZYOUR COMPANYDisposition-Notification-To: ignored@example.comDisposition-Notification-Options: signed-receipt-protocol=optional, pkcs7-signature; signed-receipt-micalg=optional, sha1,md5Recipient-Address: as2://127.0.0.1:31020Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name=\"smime.p7m\"Content-Disposition: attachment; filename=\"smime.p7m\"Connection: Keep-AliveContent-Length: 14221\\n0‚7‰*†H†÷\\n  ‚7z0‚7v\\nInbound flow:  This completes the Inbound flow from a DataPower perspective. Behind the \\nscenes, Sterling Integrator is picking up the f ile and running it through a business process \\nflow that uses WTX to validate the EDI, generate a 997, and transform it to an XML file. Sterling Integrator will then  pass the EDI 997 into an MQ queue that the XB62 is \\nmonitoring. 310 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions7.5.2  Outbound flow\\nThe EDI 997 is retrieved from the MQ Queue and parsed for sender and receiver ID \\ninformation:\\n1. Y our B2B gateway retrieves the EDI 997 from the MQ queue and parses the file, \\nrecognizes that it is X12, and extracts the Sender and Receiver information from the file. The EDI 997 will have a sender of ZZ MYCOMPANY and a receiver of ZZYOUR \\nCOMPANY (Figure 7-39).\\n2. Based on the destination configuration in the partner’s external profile in the Partner’s B2B \\nGateway, the file is packaged in AS2 and sent to the partner’s B2B Gateway.\\n3. The partner’s B2B Gateway receives the AS2 message at the AS2 Front-side Handler and \\nextracts the Sender and Receiver information from the AS2 headers. \\n4. The partner’s B2B Gateway Service unpackages the AS2 Envelope, looks up the partner \\ninformation, and verifies that the profiles exist and are allowed to trade EDI documents. It looks at the Destination that is configured for the receiving profile and delivers the EDI 997 file to the back-side. In this example, our back-side for the partner is an HTTP location that throws away the file.\\n5. After the EDI 997 is successfully delivered to the http location, the partner’s B2B Gateway \\nsends an AS2 MDN to your B2B Gateway informing you that the transaction was successfully received.\\nOutbound flow:  This completes the outbound flow portion of the scenario. Chapter 7. Supply Chain scenario using AS2 and EDI 3117.5.3  Viewing the test results\\nFollow these steps to see the test results:\\n1. Next we view the transaction in the XB62 \\'s B2B Transaction Viewer; Click on Control \\nPanel and then on B2B Transaction Viewer. \\n2. In the B2B Viewer, click Show AS Only . If the configuration is done correctly, you should \\nsee results similar to Figure 7-41. This figure splits the viewer horizontally for the purpose of this book. Note that transaction 130 was received at your ID (ZZMYCOMPANY), this is the EDI 850, transaction 131 is sent by your ID (ZZMYCOMPANY) and is the outbound EDI 997. The result code is success, meaning that both the inbound and outbound flows were successfully completed.\\nFigure 7-41   B2B Viewer - split view\\n 312 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions7.6  Conclusion\\nNow that you have completed this chapter, you should have a good understanding of how IBM \\nWebSphere DataPower B2B Appliances complement the Sterling Integrator product. Y ou can see how they sit at the edge of the network to provide B2B security and governance acting as a secure gateway protecting downstream syst ems sitting in the protected network zone. \\nWe only demonstrated the B2B c apabilities of the device in this example. However, the \\nWebSphere DataPower B2B Appliance XB62 is a functional super-set of the Security and Integration appliances that came before it. Many of the other services in the device can be used in conjunction with the B2B services to provide very robust and reliable secure options for connecting to your external trading partners. This chapter also provided you with a good understanding of how the Sterlin g Integrator product can proces s and transform data utilizing \\nits ability to integrate with WTX for EDI validation and transformation. \\nIt is important to note that all of the products used in this scenario are very flexible and can be \\nused in many different ways to accomplish similar if not the same functions demonstrated in this example. The scenario chosen in this example is only one way to integrate these products together. Its intent is meant to illustrate the value of using these products together to \\nprovide a more complete and efficient solution for handling your supply chain connectivity needs. © Copyright IBM Corp. 2012. All rights reserved. 313Chapter 8. IBM Sterling B2B Cloud Service \\nscenarios\\nThis chapter shows two trading scenarios using IBM Sterling File Transfer Service and IBM \\nSterling B2B Collaboration Network to connect to trading partners. We also describe IBM Sterling Web Forms to enable Non-EDI trading partners.\\nThis chapter includes the following sections:\\n/SM5900008.1, “File-based B2B cloud scenario” on page 314\\n/SM5900008.2, “EDI-based B2B cloud scenario” on page 3248 314 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions8.1  File-based B2B cloud scenario\\nWe start this chapter with a file-based B2B cloud scenario.\\n8.1.1  Business value\\nITSORetailCloud is a company which uses FTP and FTP/S with 500 customers for \\npoint-to-point file exchange. There is no special handling required with these files; the backend systems consume or generate the payloads that are exchanged.\\nThe company has a corporate-wide strategy to standardize in all areas possible to reduce the \\ncomplexity of their environment, reduce redundancy and to eliminate one-off solutions. They have decided to standardize the file transfer protocol on FTP/S.\\nThrough surveying their customer community, they identified the following facts:\\n/SM590000100 of the 500 customers online today need to be migrated to FTP/S and 50 of them do \\nnot migrate.\\n/SM590000There are 1,000 additional customers and supply chain partners with which they want to \\nestablish point-to-point connectivity. Also, 500 of the 1,000 customers are using FTP , 300 customers are using FTP/S, and 200 customers are using S/FTP .\\n/SM590000They have no expertise in S/FTP and do not wa nt to hire, contract, or establish the skills \\nin-house.\\n/SM590000Their IT staff do not have the time to handle the ongoing support needs of the additional \\n1,000 customers.\\n/SM590000There is not sufficient file tran sfer visibility in their existing  environment to support all the \\nprotocols.\\nTheir IT decides to recommend that the file transfer expansion project be outsourced due to \\ncompliance issues, staffing requirements, partner onboarding, community management and visibility. The business areas agree to fund the project. They are looking for the following \\nbusiness benefits:\\n/SM590000Reduced IT infrastructure and operational costs\\n/SM590000Reduced B2B file transfer complexity\\n/SM590000A highly scalable platform to grow their business\\n/SM590000Centralized monitoring and management\\n/SM590000Skilled personnel to manage their B2B file transfer environment\\n8.1.2  Presenting the scenario\\nIn this scenario, we onboard ITSORetailCloud to use IBM Sterlin g File Transfer Service. We \\nalso onboard all of its existing and additional trading partners to use IBM Sterling File Transfer Service.\\nWe establish one discreet FTP/S connection to bring ITSORetailCloud up to IBM Sterling File \\nTransfer Service. Each of its trading partners also have one discreet connection to IBM Sterling File Transfer Servic e using FTP , FTP/S, or S/FTP .  Chapter 8. IBM Sterling B2B Cloud Service scenarios 315Figure 8-1 shows the connectivity choice of this scenario in a high-level perspective.\\nFigure 8-1   Scenario overview\\n8.1.3  Configuring the scenario\\nAfter depicting at a high level the connectivity choice of the scenario that we implement, we \\nexplain in detail how to onboard the customer and all of its trading partners. \\nOnboarding  is the name of the process during which IBM sets up customer and its trading \\npartners to access File Transfer Service. The customer and its trading partners receive help from IBM in getting started with File Transfer Service. The following list is the general sequence of steps in the onboarding process:\\n1. IBM sends a Welcome Letter and questionnaire to the customer’s contact person for File \\nTransfer Service.\\n2. The customer returns the completed questionnaire to IBM.\\n3. IBM grants the customer access to File Transfer Service.4. The customer tests the connection to File Transfer Service, working with IBM as \\nnecessary.\\n5. IBM onboards the customer’s trading partners. For each trading partner, here are the \\ngeneral sequence of steps in the onboarding process:\\na. IBM sends an invitation to contact the trading partner to get set up with File Transfer \\nService. The trading partner might need to provide communications information for setting up the File Transfer Service connection, if the customer has already not given this information to IBM.\\n 316 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutionsb. The trading partner tests the connection to File Transfer Service.\\nc. After the trading partner is successfully onboarded, IBM sends the trading partner \\ninformation about how to contact IBM customer support for assistance in the future.\\n6. After the trading partners are onboarded, IBM sends the customer information about how \\nto contact IBM customer support, which has a world-wide staff providing support 24 hours per day, 365 days per year.\\nOnboarding the FTP/S customer\\nThe customer uses their FTP client software that supports SSL encryption to access File \\nTransfer Service. They complete an FTP/S se rvice questionnaire that collects the following \\ninformation:\\n/SM590000Company name and contact information\\n/SM590000FTP/S service details such as FTP transfer mode and type of data to be transferred\\n/SM590000Access method such as by Internet or VPN connection\\nAfter IBM configures the customer’s account using information collected on the questionnaire, \\nIBM provides the customer with a URL and a user ID and password to connect to the File Transfer Service. The customer works together with IBM to test the connection to File Transfer Service and waits for the IBM specialists to onboard the customer’s trading partners and implement the routing logic of the files to be transferred.\\nOnboarding the FTP partner\\nEach of the customer’s FTP partners uses their FTP client or server software to access File Transfer Service. They complete an FTP service questionnaire that collects the following information:\\n/SM590000Company name and contact information\\n/SM590000FTP service details, such as FTP transfer mode and type of data to be transferred\\n/SM590000Access method, such as by Internet or VPN connection\\n/SM590000Delivery method, which defines who initiates the FTP connection\\nAfter IBM configures the trading partner’s account using information collected on the \\nquestionnaire, IBM provides the trading partner with a URL, as well as a user ID and password, to connect to the File Transfer Service. The trading partner then works together \\nwith IBM to test the connection to File Transfer Service.\\nOnboarding the FTP/S partner\\nEach of the customer’s FTP/S partners uses their FTP client software that supports SSL \\nencryption to access File Transfer Service. They complete a FTP/S service questionnaire that collects the following information:\\n/SM590000Company name and contact information\\n/SM590000FTP/S service details, such as FTP transfer mode and type of data to be transferred\\n/SM590000Access method, such as by Internet or VPN connection\\nAfter IBM configures the trading partner’s account using information collected on the \\nquestionnaire, IBM provides the trading partner with a URL, as well as a user ID and password, to connect to the File Transfer Service. The trading partner then works together with IBM to test the connection to File Transfer Service. Chapter 8. IBM Sterling B2B Cloud Service scenarios 317Onboarding the S/FTP partner\\nEach of the customer’s S/FTP partner uses their S/FTP client software to access File Transfer \\nService and they complete an S/FTP servic e questionnaire which collects the following \\ninformation:\\n/SM590000Company name and contact information\\n/SM590000S/FTP service details such as S/FTP client software, authentication method and type of \\ndata to be transferred\\n/SM590000Access method such as by Internet or VPN connection\\nAfter IBM configures the trading partner’s account using information collected on the \\nquestionnaire, IBM provides the trading partner with a URL and a user ID and password to connect to the File Transfer Service. The trading partner then works together with IBM to test the connection to File Transfer Service.\\n8.1.4  Testing the scenario\\nFor our testing, the customer us es FileZilla to connect to File  Transfer Service over FTP/S \\nprotocol to send data to trading partners. All the trading partners  also use FileZilla to connect \\nto File Transfer Service over FTP , FTP/S, or S/FTP protocol to receive data from the customer. \\nSending data to the FTP partner\\nFollow these steps to send a file to an FTP partner:\\n1. The customer connects to File Transfer  Service using FileZilla. See Figure 8-2.\\nFigure 8-2   Connection parameters\\n 318 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions2. The Customer drags the file to the COMMIT folder to upload the file (Figure 8-3). In our \\nscenario, File Transfer Service is configured to route files based on their names.\\nFigure 8-3   Uploading file using FileZilla\\n3. The FTP partner connects to File Trans fer Service using FileZilla. See Figure 8-4.\\nFigure 8-4   Uploading file using FileZilla\\n Chapter 8. IBM Sterling B2B Cloud Service scenarios 3194. The FTP partner drags the file from the RECEIVE folder to download the file. See \\nFigure 8-5.\\nFigure 8-5   Downloading file using FileZilla\\nSending data to the FTP/S partner\\nFollow these steps to send a file to an FTP/S partner:\\n1. The customer connects to File Transfer Serv ice using FileZilla and drags the file to the \\nCOMMIT folder to upload  the file. See Figure 8-6.\\nFigure 8-6   Uploading file using FileZilla\\n 320 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions2. The FTP/S partner connects to File Tran sfer Service using FileZilla. See Figure 8-7.\\nFigure 8-7   Connection parameters\\n3. The FTP/S partner drags the file from the RECEIVE folder to download the file. See \\nFigure 8-8.\\nFigure 8-8   Downloading file using FileZilla\\n Chapter 8. IBM Sterling B2B Cloud Service scenarios 321Sending data to the S/FTP partner\\nUse the following steps to send a file to an S/FTP partner:\\n1. The customer connects to File Transfer Serv ice using FileZilla and drags the file to the \\nCOMMIT folder to upload  the file. See Figure 8-9.\\nFigure 8-9   Uploading file using FileZilla\\n2. The S/FTP partner connects to File Transf er Service using FileZilla. See Figure 8-10.\\nFigure 8-10   Connection parameters\\n 322 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions3. The S/FTP partner drags the file from the RECEIVE folder to download the file. See \\nFigure 8-11.\\nFigure 8-11   Downloading file using FileZilla\\nInFlight docum ent tracking\\nIBM Sterling InFlight Data Mana gement is a visibility tool presenting a web interface for \\ntracking documents and generating reports. It tracks data associated with several services in IBM Sterling B2B Collaboration Network.\\nIn our scenario, the customer uses Inflight to track all of the documents sent to trading \\npartners (Figure 8-12) and the overall status of each document (Figure 8-13).\\nFigure 8-12   Most recent documents\\n Chapter 8. IBM Sterling B2B Cloud Service scenarios 323.\\nFigure 8-13   Document details\\n8.1.5  Conclusion\\nThis scenario demonstrates how to onboard and use IBM Sterling File Transfer Service to \\ntransfer Non-EDI files with trading partners. The onboard process is quick and simple. All the customer needs to do is to provide connection information and configure its client software to connect to the cloud service. IBM takes care of the configuration for both the customer and its trading partners. The file to be transferred can be larger than one gigabyte. A wide range of transfer protocols is supported, including FTP(S), SFTP , OFTP2, AS2, and Connect:Direct. And as a centralized visibility tool, IBM St erling InFlight Data Management helps the \\ncustomer to keep track of their files.\\n 324 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions8.2  EDI-based B2B cloud scenario\\nThe second scenario that we cover in this chapter is the EDI-based B2B cloud scenario.\\n8.2.1  Business value\\nITSOSupplyChainCloud is a company in which 50% of its suppliers do not have the capability \\nto handle EDI transactions. They are still using ph one, fax, e-mail, and the postal service to \\nreceive purchase orders (POs), and to send advance ship notices (ASNs) and invoices.\\nThe company conducted a study and revealed that the average cost of processing a paper \\ndocument is $10, regardless of volume per partner. In order to maximize ROI of their investment, they must either automate more documents or more partners. They have done all they can to compel suppliers to use EDI, but these remaining suppliers have their own business reasons for not operating their own EDI systems.\\nThrough surveying their Non-EDI suppliers, they find that half  of them are willing to use a \\nweb-enabled method, if sponsored by their customer, to receive POs and send ASNs and invoices.\\nThe business areas agree to fund this initiative to deploy IBM Sterling Web Forms. They are \\nlooking for the following business benefits:\\n/SM590000Faster turnaround on important business documents (POs, order acknowledgements, \\nASNs, invoices, and so on.)\\n/SM590000More accurate data sent and received, no re-keying, fewer errors, less rework\\n/SM590000Reduced labor, transaction, and operations costs\\n/SM590000Improved efficiencies throughout their supply chain\\n/SM590000Improved internal business processes\\n8.2.2  Presenting the scenario\\nIn this scenario, we onboard ITSOSupplyChainCloud to use IBM Sterling B2B Collaboration \\nNetwork, and its EDI trading partners are onboarded on the other side. We also onboard Non-EDI trading partners of ITSOSupplyChainCloud to use IBM Sterling Web Forms.\\nWe establish one discreet AS2 connection to bring ITSOSupplyChainCloud up to IBM \\nSterling B2B Collaboration Network. Each of its EDI trading partners also have one discreet AS2 connection to IBM Sterling B2B Collaboration Network. Each of its Non-EDI trading partners uses a web browser to access IBM Sterling Web Forms to exchange business documents electronically over the Internet with the customer. Chapter 8. IBM Sterling B2B Cloud Service scenarios 325Figure 8-14 shows the connectivity choice of this scenario in a high-level perspective.\\nFigure 8-14   Scenario overview\\n8.2.3  Configuring the scenario\\nAfter depicting at a high level the connectivity choice of the scenario, we explain in detail the \\nonboard process of both Sterling B2B Collaboration Network and Web Forms.\\nOnboarding of IBM Sterling B2B Collaboration Network\\nOnboarding the customer and EDI trading partners in this scenario to use Sterling B2B \\nCollaboration Network is almost the same as the onboarding process of IBM Sterling File Transfer Service in the first scenario of the ch apter. However, the two cloud services use \\nseparate connections.\\nThe customer and EDI trading partners use their AS2 client software to connect to Sterling \\nB2B Collaboration Network. They complete an  AS2 service questionnaire that collects the \\nfollowing information:\\n/SM590000Company name and contact information\\n/SM590000AS2 service details such as AS2 client software, AS2 identifier, AS2 certificate and AS2 \\nendpoint address\\n/SM590000Access method such as by Internet or VPN connection\\nAfter IBM configures their accounts using information collected on the questionnaire, IBM \\nprovides them with an AS2 identifier, an AS2 certificate and an AS2 endpoint address of Sterling B2B Collaboration Network that they enter into their AS2 client software to connect to the cloud service. IBM also provides them with accounts of the visibility tool, which is called \\nIBM Sterling Document Tracking. They then work together with IBM to test the connection.\\n 326 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsOnboarding of IBM Sterling Web Forms\\nSterling Web Forms uses automated online registration to enable faster partner onboarding. \\nThe customer sponsors a Sterling Web Forms community and sends a community password to its Non-EDI trading partners so that they can register to join the community. See Figure 8-15.\\nFigure 8-15   Web Forms registration\\n8.2.4  Testing the scenario\\nFor our testing, the customer and EDI partners use IBM Sterling B2B Integrator to connect to Sterling B2B Collaboration Network over AS2 protocol to send and receive EDI document. Non-EDI partners use a web browser to access IBM Sterling Web Forms site to receive electronic document translated from EDI.\\nSending data to an EDI partner\\nFollow these steps:\\n1. The customer puts the EDI document into the outbound folder on its file system. The \\nSterling B2B Integrator automatically picks up the document and sends it to Sterling B2B Collaboration Network. See Figure 8-16.\\n Chapter 8. IBM Sterling B2B Cloud Service scenarios 327Figure 8-16   Outbound folder of customer\\n2. The customer uses the dashboard of IBM Sterling B2B Integrator to track the business \\nprocess that sends the EDI document to Sterling B2B Collaboration Network (Figure 8-17) and Message Disposition Notification (MDN) sent back from the Sterling B2B Collaboration Network (Figure 8-18).\\nFigure 8-17   AS2SendSyncMDN business process\\n 328 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 8-18   MDN receipt\\n3. The EDI partner receives the document with Sterling B2B Integrator and it is extracted into \\nthe inbound folder on EDI partner’s file system. See Figure 8-19.\\nFigure 8-19   nbound folder of EDI partner\\n Chapter 8. IBM Sterling B2B Cloud Service scenarios 3294. The customer uses IBM Sterling Document Tracking to track the EDI document in the \\noutbox of its mailslot (Figure 8-20). The EDI partner also uses IBM Sterling Document Tracking to track the EDI document in the inbox of its mailslot (Figure 8-21).\\nFigure 8-20   Outbox view of customer’s mailslot\\nFigure 8-21   Inbox view of partner’s mailslot\\n 330 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsSending data to a Non-EDI partner\\n1. The customer puts the EDI document into the outbound folder on its file system. The \\nSterling B2B Integrator automatically picks up the document and sends it to the Sterling B2B Collaboration Network. The EDI do cument is shown in Example 8-1.\\nExample 8-1   EDI purchase order\\nISA*00*          *00*          *ZZ*ITSO2TEST      *ZZ*ITSO2PART2TST  \\n*111121*1145*U*00401*000000012*0*T*>~GS*PO*ITSO2TEST*ITSO2PART2TST*111121*1145*9*X*004010~ST*850*000000015~BEG*00*NE*PO0212112250**111121**AE~CSH*O~DTM*001*120120***20~N1*ST*ITSO Non EDI Partner*9*1234567890123~N3*101 Buy Street*Suite 800~N4*Buy City*TX*75757*USA~N1*BT*ITSO Non EDI Partner*9*0987654321098~N3*PO Box 1000~N4*Bill City*TX*76767*USA~PO1*1*50*EA*2.35*SR*UP*100020003001~CTP******DIS*.85~PID*F****Pens Ballpoint Fine10PK~PO1*2*50*EA*2.35*SR*UP*100020003002~CTP******DIS*.85~PID*F****Pens Ballpoint Med 10PK~PO1*3*200*EA*3.5*SR*UP*100020004101~CTP******DIS*.55~PID*F****Crayons 48/Box~PO1*4*100*EA*4.5*SR*UP*100020004102~CTP******DIS*.55~PID*F****Crayons 64/Box~PO1*5*80*EA*5*SR*UP*100040005001~CTP******DIS*.7~PID*F****Notebook 5-Subj Spiral~CTT*5*480~SE*17*000000015~GE*1*9~IEA*1*000000012~\\n2. The Non-EDI partner accesses the IBM Sterling Web Forms website to receive Web Form \\ntranslated from the EDI document. See Figure 8-22. Chapter 8. IBM Sterling B2B Cloud Service scenarios 331Figure 8-22   IBM Sterling Web Forms\\n8.2.5  Conclusion\\nThis scenario demonstrates how to onboard and use IBM Sterling B2B Collaboration Network \\nand IBM Sterling Web Forms to transfer EDI files with trading partners, regardless of whether a trading partner has EDI capability. \\nFor customers who wants to automate its EDI transactions with Non-EDI partners, community \\nservices hosted in Sterling B2B Collaboration Network such as IBM Sterling Web Forms and IBM Sterling Fax Conversion Services are provided. The customer sponsors a community and invites its Non-EDI trading partners to register to join the community. Then the customer connects to the Sterling B2B Collaboration Network to exchange EDI documents with its Non-EDI partners and use IBM Sterling Document Tracking to keep track of its documents. In this scenario, Non-EDI partners use IBM Sterling Web Forms to receive and send electronic documents in HTML format. Translation between EDI documents and Web Forms is automatically done behind the scene.\\n 332 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions © Copyright IBM Corp. 2012. All rights reserved. 333Appendix A. Additional material\\nThis book refers to additional material that can be downloaded from the Internet as described \\nin the following sections. \\nLocating the Web material\\nThe Web material associated with this book is available in softcopy on the Internet from the IBM Redbooks Web server. Point your Web browser at:\\nftp://www.redbooks.ibm.com/redbooks/ SG247992\\nAlternatively, you can go to the IBM Redbooks website at:\\nibm.com/redbooks\\nSelect the Additional materials and open the directory that corresponds with the IBM \\nRedbooks form number, SG247992.A 334 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsUsing the Web material\\nThe additional Web material that accompanies this book includes the following files:\\nFile name Description\\nSCS_DataPowerArtifacts.zip  Contains DataPower Import f ile to fully configure the \\nsimulated partner, the X.509 certificates used in the profiles, and the EDI test file.\\nSCS_WTXArtifacts1.zip Contains the compliance artifacts needed to execute the \\nX12 compliance maps. When extr acted, the zip will create \\nthe directory structure, and put all configuration files and map files in the proper location. The zip should be extracted at the root directory of the se rver that will host the Sterling \\nB2B Integrator.\\nSCS_WTXArtifacts2.zip Contains the Project Interchange needed to create the \\nExtender Project needed to build the maps needed for this scenario. From within WebSphere Transformation Extender Design Studio, import this zip as a Project Interchange.\\nChapter5_WMB_HealthCareESB.zip  Contains the WebSphere MQ Project Interchange \\nthat we created for Chapter 5, “Health Insurance scenario” on page 103.\\nChapter6_WMB_Finance.zip Contains the WebSphere MQ Project Interchange that we \\ncreated for Chapter 6, “Financial Services scenario” on page 177.\\nSystem requirements for downloading the Web material\\nThe Web material requires the following system configuration:\\nHard disk space :1 0  M B  m i n i m u m\\nOperating System : Windows/Linux\\nDownloading and extrac ting the Web material\\nCreate a subdirectory (folder) on your workstation, and extract the contents of the Web \\nmaterial .zip file into this folder. © Copyright IBM Corp. 2012. All rights reserved. 335Related publications\\nThe publications listed in this section are considered particularly suitable for a more detailed \\ndiscussion of the topics covered in this book.\\nIBM Redbooks\\nThe following IBM Redbooks publications provide additional information about the topic in this book. Note that some publications referenced in  this list might be available in softcopy only. \\n/SM590000IBM WebSphere DataPower B2B Appliance XB60 Revealed , SG24-7745\\nYou can search for, view, download or order these documents and other Redbooks, \\nRedpapers, Web Docs, draft and additional materials, at the following website: \\nibm.com/redbooks\\nOnline resources\\nThese websites are also relevant as further information sources:\\n/SM590000ANSI ASC X12 EDI standard:\\nhttp://www.x12.org/x12org/about/X12History.cfm\\n/SM590000FAQ site on different options in implementing an ESB solution:\\nhttp://www-01.ibm.com/software/integration/wsesb/v6/faqs.html#provide\\n/SM590000IBM Sterling Connect:Direct File Agent Configuration Guide:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/File%20Age\\nnt/CD%20FileAgent14/CDFAConfigGuide.pdf\\n/SM590000IBM Sterling Connect:Direct Process Language Reference Guide:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/File%20Age\\nnt/CD%20FileAgent14/CDFAConfigGuide.pdf\\n/SM590000IBM DeveloperWorks articles on message based integration choices:\\nhttps://www.ibm.com/developerworks/wikis/display/esbpatterns/Message-based+Inte\\ngrationhttp://www.ibm.com/developerworks/library/ws-enterpriseconnectivitypatterns/index.html\\n/SM590000“What’s new in Version 8.0” section in the WebSphere Message Broker V8.0 Information \\nCenter:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/topic/com.ibm.etools.mf\\nt.doc/bb23110_.htm\\n/SM590000“Which XML parser should you use” in the WebSphere Message Broker Information \\nCenter:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/index.jsp?topic=/com.ib\\nm.etools.mft.doc/ad70530_.htm 336 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions/SM590000IBM Developer Works articles on WebSphere Transformation Extender:\\nhttp://www-01.ibm.com/software/integration/wdatastagetx/\\n/SM590000WebSphere MQ Information Center, WebSphere MQ clusters:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv6/v6r0/index.jsp?topic=%2Fcom.ibm.\\nmq.csqzah.doc%2Fqc10120_.htm\\n/SM590000IBM Sterling Connect:Direc t Installation Guide:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/Windows/CD\\n%20Windows46/CDWindowsGettingStarted.pdf\\n/SM590000IBM Sterling Connect:Direct File Agent Configuration Guide:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/File%20Age\\nnt/CD%20FileAgent14/CDFAConfigGuide.pdf\\n/SM590000Sterling Secure Proxy 3.4 documentation:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/SSP/SSP.html\\nHelp from IBM\\nIBM Support and downloads:ibm.com/support\\nIBM Global Services:\\nibm.com/services (0.5” spine)\\n0.475”<->0.873”\\n250 <-> 459 pagesEnd-to-end Integration with IBM Sterling B2B \\nIntegration and Managed File Transfer SolutionsEnd-to-end Integration with IBM Sterling B2B Integration and Managed End-to-end Integration with IBM Sterling B2B Integration and \\nManaged File Transfer Solutions\\nEnd-to-end Integration with IBM Sterling B2B Integration and Managed File  End-to-end Integration with IBM \\nSterling B2B Integration and Managed File Transfer Solutions\\nEnd-to-end Integration with IBM \\nSterling B2B Integration and Managed File Transfer Solutions  ®\\nSG24-7992-00 ISBN 0738436925INTERNATIONAL \\nTECHNICAL\\nSUPPORTORGANIZATION\\nBUILDING TECHNICAL INFORMATION BASED ON PRACTICAL EXPERIENCE\\nIBM Redbooks are developed \\nby the IBM International \\nTechnical Support Organization. Experts from \\nIBM, Customers and Partners \\nfrom around the world create timely technical information \\nbased on realistic scenarios. \\nSpecific recommendations are provided to help you \\nimplement IT solutions more \\neffectively in your environment.\\nFor more information:ibm.com /redbooks®\\nEnd-to-end Integration with \\nIBM Sterling B2B Integration and \\nManaged File Transfer Solutions\\nImplement an \\nend-to-end \\nintegration with IBM \\nSterling and WebSphere Portfolios\\nLearn how to design a \\nB2B solution for small \\nand large partners\\nExperiment with real \\nlife scenariosAcross numerous vertical industries, enterprises are challenged to \\nimprove processing efficiency as transactions flow from their business communities to their internal systems and vice versa, simplify management and expansion of the external communities, accommodate customer and supplier preferences, govern the flow of information, enforce policy and standards, and protect sensitive information. Throughout this process, external partners must be on-boarded and off-boarded, information must flow across multiple communications infrastructures, and data must be mapped and transformed for consumption across multiple applications. \\nSome transactions require synchronous or real-time processing while \\nothers are of a more periodic nature. For some classes of customer or supplier, the enterprise might prefer a locally-managed, on-premise solution. For some types of communities (often small businesses), an as-a-Service solution might be the best option. Many large enterprises combine the on-premise and as-a-Service approach to serve different categories of business partners (customers or suppliers).\\nThis IBM Redbooks publication focuses on solutions for end-to-end \\nintegration in complex value chains and presents several end-to-end common integration scenarios with IBM Sterling and IBM WebSphere portfolios.\\nWe believe that this publication will be a reference for IT Specialists \\nand IT Architects implementing an integration solution architecture involving IBM Sterling and IBM WebSphere portfolios.Back cover', 'url': 'http://www.redbooks.ibm.com/abstracts/sg247992.html', 'keywords': '', 'categories': ''}} <class 'dict'> \n",
      "\n",
      "_index --> superknowa\n",
      "_type --> _doc\n",
      "_id --> 8rPQRIkBf6jOYblFcw91\n",
      "_score --> 134.61635\n",
      "_source --> {'id': 'sg247992', 'published_source': 'Redbooks', 'publish_date': '2012-07-21', 'last_update_date': '2023-07-11', 'indexing_date': '2023-07-11', 'content': ' ibm.com /redbooksIBM® WebSphere®  Front cover\\nEnd-to-end Integration with \\nIBM Sterling B2B Integration and Managed File Transfer Solutions\\nJames Ballentine\\nClaudemir Braghirolli\\nVasfi Gucer\\nRahul Gupta\\nJames B Herry\\nRichard Kinard\\nGianluca Meloni\\nBala Sivasubramanian\\nEduardo Ribeiro de Souza\\nFrank Strecker\\nGang YinImplement an end-to-end integration with \\nIBM Sterling and WebSphere Portfolios\\nLearn how to design a B2B solution for \\nsmall and large partners\\nExperiment with real life \\nscenarios  International Technica l Support Organization\\nEnd-to-end Integration with IBM Sterling B2B \\nIntegration and Managed File Transfer Solutions\\nJuly 2012\\nSG24-7992-00 © Copyright International Bu siness Machines Corporation 2012. All rights reserved.\\nNote to U.S. Government Users Restri cted Rights -- Use, duplication or di sclosure restricted by GSA ADP Schedule\\nContract with IBM Corp.First Edition (July 2012)\\nThis edition applies to  the following products:\\n- IBM Sterling B2B Integrator Version 5.2.3\\n- IBM Sterling File Gateway Version 2.2.3\\n- IBM Sterling Connect:Direct Version 4.6- IBM WebSphere Message Queue Version 7.0.1\\n- IBM WebSphere Message Broker Version 8.0\\n- IBM WebSphere Transformation Extender Design Studio Version 8.4- IBM WebSphere Transformation Extender for Integration Servers Version 8.4\\n- IBM WebSphere DataPower B2B Appliance XB62 Version 4.0.2.1Note: Before using this information and the product it supports, read the information in “Notices” on \\npage vii. © Copyright IBM Corp. 2012. All rights reserved. iiiContents\\nNotices  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii\\nTrademarks  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii\\nPreface  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix\\nThe team who wrote this book . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix\\nNow you can become a published author, too!  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi\\nComments welcome. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xii\\nStay connected to IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xii\\nPart 1.  Introducing the proposed solution architecture  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1\\nChapter 1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3\\n1.1  Scope  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5\\n1.2  How to use this book. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5\\n1.3  Products used . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  . . 5\\n1.4  Intended audience. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  . 7\\n1.5  Conceptual architecture  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8\\n1.6  Business benefits  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9\\n1.7  Overview of scenarios. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 0\\n1.8  Lab environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  10\\nChapter 2.  Enabling seamless and secure integration inside and outside of the \\nenterprise  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13\\n2.1  What are the business requirements?  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14\\n2.1.1  Basic concepts and design forces: A gentle introduction . . . . . . . . . . . . . . . . . . . 142.1.2  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 7\\n2.2  Secure cooperation with business partners  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17\\n2.2.1  Technical security function . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182.2.2  Gateway function  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19\\n2.2.3  Technology choices  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20\\n2.2.4  Small enterprises  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27\\n2.2.5  Medium and large enterprises. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27\\n2.3  Seamless integration inside the enterprise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29\\n2.3.1  Connectivity matters: Messaging  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29\\n2.3.2  WebSphere MQ  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30\\n2.3.3  Enterpri se Service Bus (ESB): Enab ler for Service Oriented Architecture . . . . . . 33\\n2.3.4  IBM ESB products. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36\\n2.3.5  Technology choices  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38\\n2.3.6  Small enterprises  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402.3.7  Medium and large enterprises. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42\\nChapter 3.  Connecting with your partners and managing your communication  . . . . 45\\n3.1  What are the business requirements?  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46\\n3.2  Typical scenarios and implementation  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46\\n3.2.1  Sample scenario: IBM Sterling File Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463.2.2  Sample scenario: IBM Sterling Connect:Direct. . . . . . . . . . . . . . . . . . . . . . . . . . . 50\\n3.2.3  Sample IBM Sterling Control Center scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . 53\\n3.2.4  Sample IBM Sterling B2B Cloud Services scenario . . . . . . . . . . . . . . . . . . . . . . . 563.2.5  Sample WebSphere DataPower B2B Appliances XB62 scenario  . . . . . . . . . . . . 57 iv End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions3.3  Product information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  58\\n3.3.1  IBM Sterling File Gateway. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58\\n3.3.2  IBM Sterling Connect:Direct . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62\\n3.3.3  IBM Sterling B2B Cloud Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 643.3.4  IBM Sterling Control Center  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67\\nChapter 4.  Routing and transforming messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69\\n4.1  What are the business requirements?  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70\\n4.2  Message based integration choices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72\\n4.2.1  Message translator pattern . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 734.2.2  Messaging bridge pattern . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73\\n4.2.3  Message aggregator pattern. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73\\n4.2.4  Message splitter pattern . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 734.2.5  Message request/response correlator pattern  . . . . . . . . . . . . . . . . . . . . . . . . . . . 74\\n4.3  Product information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  74\\n4.3.1  WebSphere Message Broker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 744.3.2  WebSphere Transformation Extender. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81\\n4.3.3  WebSphere DataPower XB62 appliance  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99\\n4.3.4  Sterling B2B Integrator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100\\nPart 2.  Scenarios based on the proposed solution architecture  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101\\nChapter 5.  Health Insurance scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103\\n5.1  Business value  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  104\\n5.2  Prerequisites: Technical and infrastructure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104\\n5.2.1  Software prerequisites  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104\\n5.2.2  Skills prerequisites  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105\\n5.3  Presenting the healthcare scenario. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106\\n5.3.1  Inbound flow part 1: Sterling Secure Proxy/Sterling B2B Integrator/Sterling File \\nGateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107\\n5.3.2  Inbound flow part 2: WebSphere Message Broker/WebSphere Transformation \\nExtender . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108\\n5.3.3  Outbound flow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109\\n5.4  Configuring the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109\\n5.4.1  Scenario outline  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109\\n5.4.2  Scenario implementation  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110\\n5.5  Testing the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 65\\n5.5.1  Original message  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1655.5.2  Delivery to Sterling File Gateway and routing of the message . . . . . . . . . . . . . . 168\\n5.5.3  Processing of the message in Sterling B2B Integrator . . . . . . . . . . . . . . . . . . . . 169\\n5.5.4  Processing of the message in WebSphere Message Broker . . . . . . . . . . . . . . . 1725.5.5  Final message delivery to backend application. . . . . . . . . . . . . . . . . . . . . . . . . . 175\\n5.5.6  Delivery of the acknowledgement to the trading partner. . . . . . . . . . . . . . . . . . . 175\\n5.6  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  . 176\\nChapter 6.  Financial Services scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177\\n6.1  Business value  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  178\\n6.2  Prerequisites: Technical and infrastructure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178\\n6.2.1  Software prerequisites  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178\\n6.2.2  Skills prerequisites  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180\\n6.3  Presenting the Financial Services scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181\\n6.3.1  Alternate scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184\\n6.4  Configuring the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185\\n6.4.1  Installing and configuring the IBM Sterling B2B Integr ator . . . . . . . . . . . . . . . . . 185  Contents v6.4.2  Installing and configuring the IBM Ster ling File Gateway . . . . . . . . . . . . . . . . . . 198\\n6.4.3  Installing and configuring the IBM Sterling Connect Dir ect. . . . . . . . . . . . . . . . . 201\\n6.4.4  Installin g and configuring the IBM Sterling Connec t:Direct File Agent . . . . . . . . 205\\n6.4.5  Installing and configuring the IBM Ster ling Secure Proxy . . . . . . . . . . . . . . . . . . 208\\n6.4.6  Installing and configuring the IBM Ster ling Control Center . . . . . . . . . . . . . . . . . 214\\n6.4.7  Installing and configuring the IBM WebSphere Transformation Extender Design \\nStudio . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230\\n6.4.8  Installin g and configuring the IBM WebSp here Transformatio n Extender for \\nIntegration Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235\\n6.5  Testing the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 35\\n6.6  Extended scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 8\\n6.6.1  Business value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238\\n6.6.2  Additional prerequisites. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2386.6.3  Overview of the extension scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239\\n6.6.4  Alternate configurations  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240\\n6.6.5  Configuring the extended scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240\\n6.7  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  . 259\\nChapter 7.  Supply Chain scenario using AS2 and EDI  . . . . . . . . . . . . . . . . . . . . . . . . 261\\n7.1  Business value  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  262\\n7.2  Prerequisites: Technical and infrastructure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262\\n7.2.1  Software prerequisites  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2627.2.2  Skills prerequisites  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263\\n7.3  Presenting the scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263\\n7.3.1  Primary scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2637.3.2  Alternate scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264\\n7.4  Configuring the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265\\n7.4.1  Configuring the IBM WebSphere B2B Appliance XB62 . . . . . . . . . . . . . . . . . . . 2657.4.2  Configuring the IBM WebSphere Transformation Extender . . . . . . . . . . . . . . . . 290\\n7.4.3  Configuring IBM Sterling B2B Integrator. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301\\n7.5  Testing the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 07\\n7.5.1  Inbound flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308\\n7.5.2  Outbound flow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310\\n7.5.3  Viewing the test results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311\\n7.6  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  . 312\\nChapter 8.  IBM Sterling B2B Cloud Service scenarios  . . . . . . . . . . . . . . . . . . . . . . . . 313\\n8.1  File-based B2B cloud scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314\\n8.1.1  Business value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3148.1.2  Presenting the scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314\\n8.1.3  Configuring the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315\\n8.1.4  Testing the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3178.1.5  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323\\n8.2  EDI-based B2B cloud scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324\\n8.2.1  Business value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3248.2.2  Presenting the scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324\\n8.2.3  Configuring the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325\\n8.2.4  Testing the scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3268.2.5  Conclusion  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331\\nAppendix A.  Additional material  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333\\nLocating the Web material . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333\\nUsing the Web material . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 4\\nSystem requirements for downloading the Web material . . . . . . . . . . . . . . . . . . . . . . . 334 vi End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsDownloading and extracting the Web material . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334\\nRelated publications  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335\\nIBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335\\nOnline resources  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335\\nHelp from IBM  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .  . 336 © Copyright IBM Corp. 2012. All rights reserved. viiNotices\\nThis information was developed for products and services offered in the U.S.A. \\nIBM may not offer the products, services, or features di scussed in this document in other countries. Consult \\nyour local IBM representative for information on the products and services currently available in your area. Any \\nreference to an IBM product, program, or service is not intended to state or imply that only that IBM product, \\nprogram, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property ri ght may be used instead. However, it is the user\\'s responsibility to \\nevaluate and verify the operation of any non-IBM product, program, or service. \\nIBM may have patents or pending patent applications covering subject matter described in this document. The \\nfurnishing of this document does not give you any licen se to these patents. Y ou can send license inquiries, in \\nwriting, to: IBM Director of Licensing, IBM Corporation, North Castle Drive, Armonk, NY 10504-1785 U.S.A.\\nThe following paragraph does not apply to the United Kingdom or any other country where such \\nprovisions are inconsistent with local law:  INTERNATIONAL BUSINESS MACHINES CORPORATION \\nPROVIDES THIS PUBLICATION \"AS IS\" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR \\nIMPLIED, INCLUDING, BUT NOT LIMITED TO, TH E IMPLIED WARRANTIES OF NON-INFRINGEMENT, \\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOS E. Some states do not allow disclaimer of \\nexpress or implied warranties in certain transactions, therefore, this statement may not apply to you. \\nThis information could include technical inaccuracies or typographical errors. Changes are periodically made \\nto the information herein; these chan ges will be incorporated in new editions  of the publication. IBM may make \\nimprovements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. \\nAny references in this information to non-IBM websites are provided for convenience only and do not in any \\nmanner serve as an endorsement of those websites. The materials at those websites are not part of the \\nmaterials for this IBM product and use of  those websites is at your own risk. \\nIBM may use or distribute any of the information you supply in any way it believes appropriate without incurring \\nany obligation to you.\\nInformation concerning non-IBM products was obtained from the suppliers of those products, their published \\nannouncements or other publicly available sources. IB M has not tested those products and cannot confirm the \\naccuracy of performance, compatibility or any other cl aims related to non-IBM pr oducts. Questions on the \\ncapabilities of non-IBM products should be addr essed to the suppliers of those products.\\nThis information contains examples of  data and reports used in daily business oper ations. To illustrate them \\nas completely as possible, the examples include the nam es of individuals, companies, brands, and products. \\nAll of these names are fictitious and any similarity to the names and addresses used by an actual business \\nenterprise is entirely coincidental. \\nCOPYRIGHT LICENSE:\\nThis information contains sample application programs in  source language, whic h illustrate programming \\ntechniques on various operating platforms. Y ou may copy, modify, and distribute these sample programs in \\nany form without payment to IBM, for the purposes of developing, using, marketing or distributing application \\nprograms conforming to the application programming interf ace for the operating platform for which the sample \\nprograms are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, \\ncannot guarantee or imply re liability, serviceability, or function of these programs.  viii End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsTrademarks\\nIBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines \\nCorporation in the United States, other countries, or both. These and other IBM trademarked terms are marked on their first occurrence in this information with the appropriate symbol (® or ™), indicating US \\nregistered or common law trademarks owned by IBM at the time this information was published. Such \\ntrademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at http://www.ibm.com/legal/copytrade.shtml\\nThe following terms are trademarks of the International Business Machines Corporation in the United States, \\nother countries, or both: \\nCICS®\\nDataPower®\\nDB2®IBM®IMS™\\nRedbooks®\\nRedbooks (logo) ®Smarter Commerce™Tivoli®\\nWebSphere®\\nz/OS®\\nThe following terms are trademarks of other companies:\\nConnect:Direct, Connect:Enterprise, Gentran:Server, Sterling Integrator, and Sterling Commerce are \\ntrademarks or registered trademarks of Sterling Commerce, Inc., an IBM Company.\\nMicrosoft, Windows, and the Windows logo are trademarks  of Microsoft Corporation in the United States, \\nother countries, or both.\\nJava, and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its \\naffiliates.\\nIntel, Intel logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo, Celeron, Intel Xeon, Intel \\nSpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its \\nsubsidiaries in the United States and other countries. \\nOther company, product, or service names may be trademarks or service marks of others. \\n © Copyright IBM Corp. 2012. All rights reserved. ixPreface\\nAcross numerous vertical industries, enter prises are challenged to improve processing \\nefficiency as transactions flow from their business communities to their internal systems and vice versa, simplify management and expansion of the external communities, accommodate customer and supplier preferences, govern the flow of information, enforce policy and standards, and protect sensitive information. Thr oughout this process, external partners must \\nbe on-boarded and off-boarded, information must flow across multiple communications infrastructures, and data must be mapped and transformed for consumption across multiple applications. \\nSome transactions require synchronous or real-time processing while others are of a more \\nperiodic nature. For some classes of customer or supplier, the enterprise might prefer a locally-managed, on-premise solution. For some types of communities (often small businesses), an as-a-Service solution might be the best option. Many large enterprises combine the on-premise and as-a-Service approach to serve different categories of business partners (customers or suppliers.\\nThis IBM\\n® Redbooks ® publication focuses on solutions for end-to-end integration in complex \\nvalue chains and presents several end-to-end common integration scenarios with IBM Sterling and IBM WebSphere\\n® portfolios.\\nIt is not the goal of this publication to provide deep technical detail for every product, or to \\nprovide the singular best solution for any specific scenario, but rather to provide insight on how integration using the products can be accomplished.\\nWe first define a high level integration solution architecture and provide several examples of \\nhow this architecture can be applied to different industries.\\nWe believe that this publication will be a refe rence for IT Specialists and IT Architects \\nimplementing an integration solution architecture involving IBM Sterling and IBM WebSphere portfolios.\\nThe team who wrote this book\\nThis book was produced by a team of specialists from around the world working at the International Technical Support Organization, Raleigh Center.\\nJames Ballentine  is an Advisory Software Engineer for the IBM Sterling B2B Integrator \\nSupport Team, part of B2B Commerce Solutions of the IBM Industry Solutions group. He has worked as a support professional for IBM Sterling B2B Integrator for the past 7 years, 5 of which were spent as the team lead for the Database support team. Prior to joining this team, he had worked for nearly 10 years as a database administrator, designer, and developer in a variety of positions. He has extensive experience with RDBMS technologies, as well as various programming languages and associated technologies.\\nClaudemir Braghirolli  works at Customer Support, IBM Software Group, Commerce based \\nin São Paulo, Brazil, his native town. He has 19 years of experience with the products of IBM Sterling Connect:Direct family and 7 years of experience with IBM Sterling B2B Integrator. His areas of expertise include implementation and support of IBM Sterling Connect:Direct family products, support of IBM Sterling B2B Integrator, and development of applications under IBM Sterling B2B Integrator. x End-to-end Integration with IBM Sterling B2B Inte gration and Managed File Transfer SolutionsVasfi Gucer  is a Project Leader at the IBM International Technical Support Organization. He \\nhas been with the ITSO since January 1999. He has more than 12 years of experience in the areas of systems management, networking hardware, and software on mainframe and distributed platforms. He writes extensively and teaches IBM classes worldwide on IBM products. Vasfi is also an IBM Certified Senior IT Specialist, PMP , and ITIL Expert.\\nRahul Gupta   is an Advisory IT Specialist with IBM Global Technology Services in India. He \\nis a Certified SOA Architect with 6 years of professional experience in IBM messaging technologies. At his current assignment, he works as a middleware consultant for various clients in North America. His core experiences  are in lab testing, performance tuning, and \\nLevel 3 development for both WebSphere Message Broker and WebSphere MQ products. Rahul has been a technical speaker for messaging-related topics at various WebSphere conferences and is a recognized inventor by the IBM innovation community.\\nJames B Herry  is a Senior Managing Consultant, cu rrently with IBM Software Services - \\nIndustry Solutions. He joined IBM in 2006 after working for 16 years as an application development professional, specializing in middleware integration. James graduated from Elon College in 1990 with a Bachelor\\'s degree in Computer Science. Since joining IBM, he has specialized in helping clients in the financial and health care industries integrate WebSphere Transformation Extender into their middleware solutions, both as a solution architect and as an integration consultant.\\nRichard Kinard  is the Product Manager for WebSphere DataPower Appliances. He is a \\nsubject matter expert in business-to-business (B2B) technologies and has over 12 years of experience designing, developing, and implementing B2B solutions. He has worked on many initiatives with Internet standar ds organizations to promote B2B interoperability and was a \\nSenior Product Manager of a successful B2B application prior to working for IBM.\\nGianluca Meloni  is a Technical Support Analyst for IBM Industry Solutions, B2B Commerce, \\nbased in Italy. He has 11 years of experience in the B2B integration field. He holds a degree in mathematics from the Univer sity of Cagliari. His areas of expertise include IBM Sterling \\nB2B Integrator, IBM Sterling File Gateway, IBM Sterling Connect:Direct and IBM Sterling Gentran:Server for UNIX. Origin ally from Sardinia, he is no w home-based in Sanremo with \\nhub office in Milan.\\nBala Sivasubramanian is an IBM Certified Senior IT Specialist for IBM US SWG - Industry \\nSolution Service, which focuses on Telecom, Media, and Entertainment. Previously, he \\nworked in the IBM US GBS Wireless Practice as  Senior IT Specialist and Integration Architect \\nfor the Tier 1 Service Providers in North America and has wide, international experience in the real world Telecom projects that involve complex integration solutions. His expertise \\nincludes a broad focus on the telecommunications industry. He has a deep knowledge of IBM tooling / product suite / Industry frameworks, IBM Telecom SDP & SPDE Framework, Parlay & TMF Standards, and OSS/BSS vend or product integration with IBM Web Sphere Middleware \\nProducts. He is the co-author for IBM Redbooks publications on the Telecommunication Industry Solution and is co-author for the IBM Certifications on the IBM Middleware and Tooling Products. He is also an IBM Certified Senior IT Specialist - Application Integration and Middleware and has 8+ IBM Product Certifications. Additionally, he holds a degree in Computer Science Engineering.\\nEduardo Ribeiro de Souza  is a Senior Solution Engineer and an architect to integration \\nsolutions such as Enterprise Application Integration (EAI), Business to Business Integration (B2Bi), Business Process Management (BPM),  Business Activity Monitoring (BAM), and \\ncomposite applications. He has more than 15 years of experience in developing and integrating enterprise applications across a variety of industries. He holds a Master’s degree in Production Engineering from Federal University of Santa Catarina, Brazil.  Preface xiFrank Strecker  is an Advisory IT Architect and Support Engineer in the European IBM \\nSterling B2B Integrator support team. Before joining IBM Industry Solutions support, he used to work as a WebSphere MQ and Message Broker Consultant in the German IBM Software Services for WebSphere team. After working hours, Frank teaches the Alexander Technique.\\nGang Yin  is a Product Developer in Sterling B2B China team, focusing on development and \\nL3 support of Sterling B2B cloud services. His areas of expertise include WebSphere ESB, WebSphere Message Broker, and WebSphere DataPower appliances.\\nThanks to the following people for their contributions to this project:\\nDave Bennin, Shari Deiana, Emma Jacobs, Stephen Smith\\nInternational Technical Support Organization, Raleigh Center\\nBobbi Burris, Rex Chan, Daniel Davis, Diane Defallo, Fritz Fahrenback, Charles Fenton, Bill \\nHines, Michael Hudson, Lorenz Jimenez, Scott Lewis, Dirk Maney, Jeff Matteo, George Middlebrook, Jeff Leach, Todd Margo, Mark Roper, Pamela TaylorIBM USA\\nKen Clark, David Hardcastle\\nIBM UK\\nAndrew Pang\\nIBM Canada\\nThe team also would like to thank Bandana Batra for providing valuable input on the book \\ncontent.\\nNow you can become a published author, too!\\nHere’s an opportunity to spotlight your skills, grow your  career, and become a published \\nauthor—all at the same time! Join an ITSO residency project and help write a book in your area of expertise, while honing your experience using leading-edge technologies. Y our efforts will help to increase product ac ceptance and customer satisf action, as you expand your \\nnetwork of technical contacts and relationships. Residencies run from two to six weeks in \\nlength, and you can participate either in person or as a remote resident working from your home base.\\nFind out more about the residency program, browse the residency index, and apply online at:\\nibm.com/redbooks/residencies.html xii End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsComments welcome\\nY our comments are important to us!\\nWe want our books to be as helpful as possible. Send us your comments about this book or \\nother IBM Redbooks publications in one of the following ways:\\n/SM590000Use the online Contact us  review Redbooks form found at:\\nibm.com/redbooks\\n/SM590000Send your comments in an email to:\\nredbooks@us.ibm.com\\n/SM590000Mail your comments to:\\nIBM Corporation, International Technical Support Organization\\nDept. HYTD Mail Station P0992455 South RoadPoughkeepsie, NY 12601-5400\\nStay connected to IBM Redbooks\\n/SM590000Find us on Facebook:\\nhttp://www.facebook.com/IBMRedbooks\\n/SM590000Follow us on Twitter:\\nhttp://twitter.com/ibmredbooks\\n/SM590000Look for us on LinkedIn:\\nhttp://www.linkedin.com/groups?home=&gid=2130806\\n/SM590000Explore new Redbooks publications, residencies, and workshops with the IBM Redbooks \\nweekly newsletter:\\nhttps://www.redbooks.ibm.com/Redbooks.nsf/subscribe?OpenForm\\n/SM590000Stay current on recent Redbooks publications with RSS Feeds:\\nhttp://www.redbooks.ibm.com/rss.html © Copyright IBM Corp. 2012. All rights reserved. 1Part 1Introducing the \\nproposed solution \\narchitecture\\nIn this part of the book, we introduce our proposed solution architecture for implementing \\nend-to-end integration in complex value chains. In Chapter 1, “Introduction” on page 3, we describe this architecture at a high level. In the rest of the chapters in this part, we delve into details of the components of this proposed solution architecture. Part 1 2 End-to-end Integration with IBM Sterling B2B Inte gration and Managed File Transfer Solutions © Copyright IBM Corp. 2012. All rights reserved. 3Chapter 1. Introduction\\nIn today’s business and technology environment,  it is likely that you deploy products from \\nmany different technology portfolios to meet the needs of your organization. It is also likely that you solve a multitude of business problems by making use of a multitude of technology offerings. You have probably thought about ho w you might best use t he capabilities of the \\nvarious products you have in place to more ef fectively integrate your business, while still \\nleveraging the investment in the effort and technology you have already made. This IBM® Redbooks® publication addresses this concern, as  it relates to products in the IBM Sterling \\nand products in the IBM WebSphere® portfolios. \\nThis publication provides a guide to end-to-end integration for organizations with these needs:\\n/SM590000Already have solutions deployed using both sets of products and want to more securely \\nand seamlessly integrate them together. \\n/SM590000Want to extend the capabilitie s of an existing solution t hat makes use of one of the \\naforementioned product portfolios by integrating it with the other.\\n/SM590000Have inherited technology solutions through a merger or an acquisition and want to \\nintegrate the inher ited capabilities with the existing functionality.\\nThe products used for the scenarios described in this publication are not all-inclusive, but they \\nprovide you with ideas for how you can build basic integration between the products. The scenarios are based on real-world situations and give examples of what is involved with \\nintegrating the products in a live deployment. As is the case with building and deploying any solution, it is important to un derstand the requiremen ts of the business and the capabilities of \\nthe available technology in order to provide the most cost effective and robust solution required to meet the goals of the business. \\nIt is not the goal of this publication to provide deep technical detail for every product or to \\nprovide the singular best solution for any specific scenario, but rather to provide insight on how integration using the products can be accomplished.\\nThis chapter introduces the content of this publication, the products that we use to \\ndemonstrate the capabilities of the software suites, the real world scenarios that we chose to \\ndemonstrate implementation of integration, and some alternative choices that you might want to make in your organization.1 4 End-to-end Integration with IBM Sterling B2B Inte gration and Managed File Transfer SolutionsThis chapter includes the following sections:\\n/SM5900001.1, “Scope” on page 5\\n/SM5900001.2, “How to use this book” on page 5\\n/SM5900001.3, “Products used” on page 5\\n/SM5900001.4, “Intended audience” on page 7\\n/SM5900001.5, “Conceptual architecture” on page 8\\n/SM5900001.5, “Conceptual architecture” on page 8\\n/SM5900001.7, “Overview of scenarios” on page 10\\n/SM5900001.8, “Lab environment” on page 10 Chapter 1. Introduction 51.1  Scope\\nBecause of the numerous possible points of integration between the products in the IBM \\nSterling and the IBM WebSphere portfolios, the scope of this publication excludes demonstrating integration between every possible product combination. Instead we provide examples, from which you can extend the concepts of integration to other product combinations.\\nWe assume that you are knowledgeable regarding the products discussed in this publication. \\nTherefore, installation, base configuration, and detailed instruction on the basic use of the products discussed in the scenarios are not provided. However, we do provide references to enable you to gain a dditional knowledge and skill for ea ch of the products we discuss.\\n1.2  How to use this book\\nThis publication is divided into two parts: \\n/SM590000Part 1, “Introducing the proposed solution architecture” on page 1 describes the \\nconceptual architecture and how to implement each of the high level components of the architecture using products from IBM Sterling and IBM WebSphere portfolios. Each component is discussed as to its purpose within the functional area of the architecture in which it resides. \\nIn addition to the products actually used to implement the various scenarios appearing in \\nthis book, products that might be candidates  to serve the same purpose are referenced. \\nThe products used in the scenarios discussed in this publication to demonstrate the integration capabilities ar e introduced in 1.8, “Lab  environment” on page 10.\\n/SM590000Part 2, “Scenarios based on the proposed solution architecture” on page 101 describes \\nfour scenarios that demonstrate ways to integrate IBM Sterling and the IBM WebSphere portfolio products. Each scenario implementation is discussed. Each implementation is executed using a diff erent combination of products and/o r product capab ilities from the \\navailable products in the IBM Sterling and WebSphere portfolios. \\n1.3  Products used\\n/SM590000IBM Sterling B2B Integrator V5.2.3:\\nA transaction engine and toolkit that allows  the user to define, create, implement, and \\nmanage process flows. These flows, in turn, allow for the processing, routing, translation, and storage of high volumes of inbound and outbound messages or files, and can also interact and integrate with both internal systems and external business partners. For more information, including the details of the supported protocols, see “Sterling B2B Integrator” on page 21. Y ou can also see the IBM Sterling B2B Integrator 5.2 Information Center at:\\nhttp://publib.boulder.ibm.com/infocenter/sb2bi/v5r2/index.jsp\\n/SM590000IBM Sterling File Gateway V2.2.3:\\nAn application that integrates  with, and extends, the ability of IBM Sterling B2B Integrator \\nto accept, manage, route, and process files from external partners, using multiple different protocols and formats. It can simplify the management of external partners and communities and can also assist  in seamless integration of internal and external systems. \\nFor more information, see “IBM Sterling File Gateway” on page 58. Another source of information is IBM Sterling File Gateway 2.0 Information Center which can be found at:\\nhttp://publib.boulder.ibm.com/infocenter/sfg/v2r0/index.jsp 6 End-to-end Integration with IBM Sterling B2B Inte gration and Managed File Transfer Solutions/SM590000IBM Sterling Connect:Direct® V4.6:\\nA peer-to-peer file-based integration middleware which provides secure delivery of \\nhigh-volume data within and between enterprises. It is optimized for high performance file transfer of any type of data (text, EDI, binary, digital content, image) across multiple platforms, several file systems, and many different media. A large number of industries throughout the world use it to move large volumes of data and for connecting to remote offices. For more information, see “IBM Sterling Connect:Direct” on page 62 or IBM \\nSterling Connect:Direct Product Overview  manual at:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/Common/CDO\\nverview.pdf\\n/SM590000IBM Sterling Secure Proxy V3.4:\\nAn application proxy between IBM Connect:Direct nodes or between a client application \\nand an IBM Sterling B2B Integrator server. It provides a high level of data protection between external connections and your internal network. It defines an inbound node definition for each trading partner connection from outside the company and an outbound node definition for every co mpany server to which SSP w ill connect. It supports the \\nfollowing protocols: C:D, PEsit, FTP , SFTP ( SSH-FTP), FTPS (FTP over SSL/TLS), HTTP , \\nHTTPS. For more information, see “Sterling Secure Proxy” on page 24, or see the following link:\\nhttp://publib.boulder.ibm.com/infocenter/ssp/v3r4/index.jsp\\n/SM590000IBM Sterling Control Center V5.3:\\nProvides centralized management, monitoring, and notification for IBM Sterling products. \\nFor more information, see “IBM Sterling Control Center” on page 67. Y ou can also see the following link:\\nhttp://publib.boulder.ibm.com/infocenter/sb2bi/v5r2/nav/6_5\\n/SM590000IBM WebSphere MQ V7.0.1:\\nMessaging backbone that provides powerful and reliable connectivity and assured delivery \\nof messages throughout the enterprise. For more information, see “WebSphere MQ” on page 30, or see:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/index.jsp\\n/SM590000IBM WebSphere Message Broker V8.0:\\nHigh volume integration hub that  delivers advanced enterprise  service bus capabilities on \\nthe WebSphere MQ backbone. For more information, see “WebSphere Message Broker” on page 74, or see:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/index.jsp\\n/SM590000IBM WebSphere Transformation Extender Design Studio V8.4:\\nUsed to develop the maps used to translate and transform data to the desired formats. For \\nmore information, see “WebSphere Transformation Extender Design Studio” on page 81, or see:\\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r4m0/index.jsp\\n/SM590000IBM WebSphere Transformation Extender for Integration Servers V8.4:\\nAllows execution of maps on a variety of hardware platforms by many software products. \\nFor more information, see “WebSphere Transformation Extender for Integration Servers” on page 87, or see:\\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r4m0/index.jsp Chapter 1. Introduction 7/SM590000IBM WebSphere Transformation Extender Industry Packs:\\nPrebuilt industry specific artifacts providing out of the box functionality and used to \\naccelerate map development. The packs used in the book scenarios are: \\n– EDI pack V2.8.0\\n– Healthcare pack V4.4.0\\nFor more information, see “WebSphere Transformation Extender Industry Packs” on \\npage 87, or see:\\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r4m0/index.jsp\\n/SM590000IBM WebSphere DataPower ® B2B Appliance XB62 v4.0.2.1:\\nThe XB62 is a B2B enabled security gateway that makes the services of one organization \\navailable to others in a controlled and secu red manner providing capabilities such as \\nconnection security, B2B Messaging, non-repudiation and partner profile management. Additionally, it utilizes the integration services  needed to make it easy to integrate to \\ninternal systems or directly to  applications. These services built on-top of the DataPower \\nappliance form factor adds integrated networ k functions decreasing the complexity and \\ndeployment footprint of the solution. For more information, see “WebSphere DataPower XB62 appliance” on page 25, or see:\\nhttp://publib.boulder.ibm.com/infocenter/ieduasst/v1r1m0/index.jsp?topic=/com.i\\nbm.iea.wdatapower/wdatapower/1.0/xb62.html\\n/SM590000IBM Sterling File Transfer Service:\\nAllows customers to manage a single, secure, and reliable connection to reach their \\nbusiness partners without the capital expense associated with on-premise software or the operational impact on IT staff. For more information, see “IBM Sterling File Transfer Service” on page 65, or see:\\nhttp://publib.boulder.ibm.com/infocenter/sb2bsvcs/v1r0/nav/13\\n/SM590000IBM Sterling B2B Collaboration Network:\\nActs as the communications link between cu stomers and their business partners, and \\noffers a growing list of on-demand application services. For more information, see “IBM Sterling B2B Collaboration Network” on page 66, or see:\\nhttp://publib.boulder.ibm.com/infocenter/sb2bsvcs/v1r0/nav/0\\n/SM590000IBM Sterling Web Forms:\\nA customizable website operated by IBM that helps customers to integrate smaller trading \\npartners who do not have EDI capabilities. For more information, see “IBM Sterling Web \\nForms” on page 67, or see:\\nhttp://publib.boulder.ibm.com/infocenter/sb2bsvcs/v1r0/nav/9\\n1.4  Intended audience\\nThis publication is intended for anyone who want s to gain insight into integrating solutions that \\nuse IBM Sterling and the IBM WebSphere portfolios. \\nFor example:\\n/SM590000Y ou might be interested in building a new solution to meet the needs of your organization \\nand want to make use of the most powerful features of both the IBM Sterling and the IBM WebSphere portfolios. 8 End-to-end Integration with IBM Sterling B2B Inte gration and Managed File Transfer Solutions/SM590000Y ou might be involved in an acquisition or merger situation, or looking to integrate the \\ncapabilities across soluti ons that already exist. \\n/SM590000Y ou might want to eliminate redundancy of solutions across your company by integrating \\nthe best of the solutions that have already been built within different departments within your company, and these solutions make use of both technology portfolios.\\nIf any of these situations describes your expectations, or if you are just interested in the \\ncapabilities of one or th e other of these technology suites, and already use the other, you can \\nbenefit from this publication.\\n1.5  Conceptual architecture\\nFigure 1-1 shows the conceptual architecture (a lso referred as the solution architecture \\nthroughout the book) used to define each of the scenarios in this publication.\\nFigure 1-1   Conceptual architectureConceptual Architecture \\nMessage/File\\nAuthorization\\nand\\nValidationApp\\n1\\nDBs1 - nApp\\n2\\nApps\\n3 - n  Message/File\\nRemediation\\nRouting\\nTranslation\\nand\\nTransformationPerimeter\\nSecurity\\nand\\nAuthenticationDMZEnterprise Secure Zone\\nT\\nR\\nA\\nD\\nI\\nNG\\nP\\nAR\\nT\\nN\\nE\\nR\\nSA\\nB\\nS\\nT\\nRA\\nC\\nT\\nI\\nO\\nNPartner\\nIntegration\\n ZoneEnterprise\\nService\\nBusTarget\\nZone Chapter 1. Introduction 9The chosen architecture enforces message security into the organization through the DMZ. \\nThen, inside the organization, trading partner management occurs in the Partner Integration Zone. In this zone, the solution validates the file or message type against the trading partner to determine if the trading partner is authorized to send this type of information, performs validation of format, and responds with the proper acknowledgement. \\nAfter the payload is determined to be an authorized file or message, it is handed off to the \\nEnterprise Service Bus to be transformed and routed to the targeted destination. Details of what occurs in each functional area of the conceptual architecture are discussed in Part 1, “Introducing the proposed solution architecture” on page 1 of this book.\\n1.6  Business benefits\\nThe solution architecture shown in Figure 1-1 streamlines end-to-end business processes through the ability to automate the complete process. “Real world” business processes are \\ntypically “end-to-end,” involvi ng both internal employees and  systems and external people \\nand systems. The ability to st reamline end-to-end business pr ocesses reduces operational \\ncosts through automation, improves process quality (again through automation and repeatable process models) , and offers the possibility of stra tegic business transformation. In \\na sense, the solution architecture is a foundation enabler for IBM Smarter Commerce™.\\nThe solution architecture helps organizations gain a reputation of being “easy to do business \\nwith” through a flexible business integration architecture. The IBM solution architecture enables external entities to interact with a “hub” organization in virtually any style of integration, whether file-based, messaged-based, or service-based. The solution architecture supports direct partner interactions through software or mediated interactions through IBM B2B Services. This enables a hub organization to optimize its value chain and be more agile. It can respond more quic kly to changing business conditions and is more resilient to supply \\nchain disruptions.\\nThe flexibility inherent in the solution architecture also facilitates business services \\ninnovation. It enables organizations to accelerate the deployment of new business services, exposed through MFT interfaces, traditional B2B document-oriented interfaces, or more progressive real-time Web Services. It can have widespread business benefits through:\\n/SM590000Faster time-to-value for new electronic business services.\\n/SM590000Expanding the accessible market for a service globally.\\n/SM590000Enabling an organization to ta rget a different size customer  segment, for example, ability \\n(perhaps) to target the SMB world for the first time. \\nThe solution architecture, because its a general framework that can be deployed as a \\ncorporate standard, enab les reduced complexity and enhanced  IT agility. It offers a defined \\nframework for external entity interaction, enabling the strategic concept of “single view of partner” (external entity), thus reducing perceived external interface complexity for the hub organization and increasing the quality of external entity interactions.DataPower XB62:  This architecture is slightly different when using the DataPower XB62 \\nAppliance. In this scenario, the DataPowe r XB62 Appliance sits in the DMZ and moves \\nB2B Security out to the edge of the network and rejects unwanted connections and partners before they get into the secured network. So when using DataPower XB62, partner management happens in the DMZ, eliminating the need for the Partner Integration Zone. 10 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsLarge enterprises typically have multiple systems (perceived as multiple “points of entry” by \\nthe external entity) used to interact with external entities. The solution architecture enables B2B architecture consolidation. It is a strategic IT cost containment initiative but also a strategic business quality improvement initiative.\\nThe solution architecture helps organizations conform to modern information security \\nmandates, which are increasingly stringent and vary geographically, by industry and even by process. The benefit here is to be able to satisfy the requirements of internal security audits as well as security expectations of external entities and governing bodies. The solution implements a robust “edge securi ty” capability, which facilitates both secure and scalable B2B \\ninteractions, and whic h provides important value-add DMZ capabilit ies beyond traditional \\n“proxy” servers.\\nBecause the solution architecture offers a strategic approach to end-to-end integration, it thus \\nprovides a sound go-forward foundation for Smarter Commerce: the classic “invest \\nstrategically, implement tactically” kind of concept. The solution architecture is extensible. It can be widely applied and widely used to leverage existing infrastructure. The solution architecture facilitates both bat ch and real-time orient ed B2B integration. As such, it enables \\nthe organization to optimize their approach to evolving traditional batch oriented processes to near real-time interactio ns. Thus, it facilitates the evolutio n toward the true digital business.\\n1.7  Overview of scenarios\\nThe scenarios cover a subset of real world deployments that can be implemented using \\nproducts from IBM Sterling and IBM WebSphere portfolios. The solutions to the scenarios are based on our experience deploying our products in the industries covered in the scenarios, and are based on the expertise gained using the products selected. The scenarios demonstrate how to integrate between the produc ts we use to solve a specific business need. \\nThese configurations fulfill busi ness requirements, IT constraint s, and other external factors \\nof each specific scenario. \\nKeep in mind that the configurations used in the scenarios are not your only option. We chose \\nthe implementation details we used to demonstrate how to integrate these specific products, yet still meet the requirements of the business. We also provide inform ation about alternative \\nconfigurations, that also meet the requirements of the various scenarios. The scenarios we chose to implement in this publication are based on use cases from the following industries:\\n/SM590000Health insurance\\n/SM590000Financial\\n/SM590000Supply Chain\\nWe also chose to show scenarios making use of cloud services.\\n1.8  Lab environment\\nThis section describes the lab environment used to implement the scenarios in Part 2 of this \\nbook. Host names as well as the operating system and release level or firmware release level are given for each host. The software stack installed on each host is also provided.  Chapter 1. Introduction 11All Windows systems have the following configuration: \\n/SM590000Lenovo M57p (machine type 9196)\\n/SM590000Intel Core 2 Duo processor\\n/SM5900008G RAM\\n/SM590000Gigabit ethernet\\n/SM590000Windows 2008 or Windows 7 64 bit\\nSee Table 1-1 for details. \\nTable 1-1   Lab environment\\nHost name Operating system/ \\nfirmware levelInstalled products/appl iances Scenario where \\nused\\nesb01.itso.ibm.com Windows 7 IBM WebSphere MQ V7.0.1\\nIBM WebSphere Message Broker V8.0\\nIBM WebSphere Transformation Extender V8.4 Chapter 7, \\n“Supply Chain \\nscenario using \\nAS2 and EDI” on page 261\\nesb02.itso.ibm.com Windows 7 IBM WebSphere MQ V7.0.1\\nIBM WebSphere Message Broker V8.0\\nIBM WebSphere Transformation Extender V8.4 Chapter 5, \\n“Health \\nInsurance \\nscenario” on page 103\\ncc01.itso.ibm.com Windows 7 IBM WebSphere Transformation Extender V8.4 \\nIBM Sterling Connect Direct V4.6\\nIBM Sterling Control Center V5.3Chapter 6, \\n“Financial \\nServices \\nscenario” on page 177\\nssp01.itso.ibm.com Windows 7 IBM Sterling Secure Proxy V3.4 Chapter 5, \\n“Health \\nInsurance \\nscenario” on page 103\\nb2b01.itso.ibm.com Windows 200 8 IBM WebSphere MQ V7.0.1\\nIBM Sterling B2B Integrator V5.2.3\\nIBM Sterling File Gateway V2.2.3\\nIBM Transformation Extender V8.4(connected to the Internet)Chapter 5, \\n“Health \\nInsurance \\nscenario” on page 103 \\nb2b02.itso.ibm.com Windows 200 8 IBM WebSphere MQ V7.0.1\\nIBM WebSphere Message Broker V8.0\\nIBM WebSphere Transformation Extender V8.4\\nIBM Sterling Connect Direct V4.6IBM Sterling B2B Integrator V5.2.3\\nIBM Sterling File Gateway V2.2.3Chapter 6, \\n“Financial \\nServices \\nscenario” on page 177\\nDataPower \\n9005/7199 \\nApplianceDataPower Firmware \\nV4.0.2.1IBM WebSphere DataPower B2B Appliance XB62 Chapter 7, \\n“Supply Chain \\nscenario using \\nAS2 and EDI” on \\npage 261 12 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions © Copyright IBM Corp. 2012. All rights reserved. 13Chapter 2. Enabling seamless and secure \\nintegration inside and outside of \\nthe enterprise\\nThis chapter discusses integration inside and outside of the enterprise: the cooperation with \\nexternal partners as customers and suppliers and the internal cooperation across the enterprise. Because internal and external integration require different approaches, we discuss both kinds of integr ation in distinct sections:\\n/SM590000External integration, which must be as secure as needed\\n/SM590000Internal integration, which must be as seamless as helpful\\nStarting from the conceptual architecture ex posed in 1.5, “Conceptual architecture” on \\npage 8, we discuss how the enterprise can establish safe connections to the outer world through a well equipped perimeter network. We do not discuss the construction of a DMZ in depth. But we do discuss the equipment needed there to establish safe partner operations through protocol termination and the implementati on of the “Don’t call us, we’ll call you” \\nprinciple between trusted zone and perimeter. \\nIn this chapter, we show how gateways can help to isolate the internals from the partner \\ncommunication. We show how good architecture  and implementation guidelines can help to \\nprohibit the proliferation of partner specific details into the entire enterprise. We also discuss the integration of the entire enterprise through hub or bus structures.\\nA preliminary section is included to help you cons ider general requirements and design forces \\nin terms of IT integration and B2B. You can skip this section if  you are familiar with the field, \\nor you can read it to enjoy the high level discussion of principles based on a model of vintage integration by punchcards. \\nThis chapter includes the following sections:\\n/SM5900002.1, “What are the business requirements?” on page 14\\n/SM5900002.2, “Secure cooperation with business partners” on page 17\\n/SM5900002.3, “Seamless integration inside the enterprise” on page 292 14 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions2.1  What are the business requirements?\\nWhat a business requires exactly in terms of internal and external integration is always based \\non the kind of business being done. Requirements depend (among others) on the following factors:\\n/SM590000Size of the enterprise\\n/SM590000Tools and skills available\\n/SM590000Tactical or strategic attitude\\nWe consider some architectural aspects, such as extensibility, scalab ility, changeability, and \\nresilience of designs, before we discuss the technical instrumentati on of the design with \\nparticular products. We discuss these aspects and others, starting from a simple model, that helps to recapture basics and un derstand issues still relevant in  today’s integration concerns.\\n2.1.1  Basic concepts and desi gn forces: A gentle introduction\\nImagine a model of vintage integration, as shown in Figure 2-1, as it used to be common in \\nthe Seventies or Eighties: two cooperating enterprises share information about catalog data. Enterprise A, a wholesaler, send s updates to stock item catal og to Enterprise B (which is \\nbuying from A) overnight by exchanging batches of punchcards or tapes. Inside both of the \\nenterprises, the operators simply used single sets of data in shared databases. \\nFigure 2-1   Introductory sample of vintage internal and external integration\\nThe vintage integration model\\nThe vintage model shows the systems connected by using the following process:\\n1. The sender produces punchcards by encoding the content of their system according to the \\ncode and protocol agreed to by the receiving end.\\nITSO Vintage Company A\\n ITSO Vintage Company B\\nTransport\\n Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 152. The sender packs and seals punchcards into a labeled and locked container and passes \\nthe container to the intermediary; for example, a courier.\\n3. The intermediary courier transports the container and delivers to the receiver as labelled.\\n4. The receiver unlocks and unseals container, and unpacks the cards from the container.\\n5. The receiver reads the cards by translating the cards into their systems.\\nWhile the basic concept is still the same, the media has changed. The content is now \\nencoded, locked into containers for transport, transported, received, unlocked, decoded, and read. \\nChoosing encoding and prot ocol: Standards, skills, tools\\nIn the early days, enterprises had to negotiate the formats and proprietary protocols they \\nwanted to use by themselves. It proved to be costly, too expansive for single enterprises, and time consuming. As a result, standards emerged for both inside and outside communication. In 1975, the Transportation Data Committee in the American National Standards Institute (ANSI) published a first standard that led to ANSI ASC X12 EDI in 1979. See the following website for details:\\nhttp://www.x12.org/x12org/about/X12History.cfm\\nSince the EDI standards have been in place for more than thirty years now, we have a lot of \\nstandards today. Standards from all the four major eras of evolution in B2B communication now occur in the field. See Chapter 7 in the PDF file at the following website for details:\\nhttp://www.redbooks.ibm.com/abstracts/sg247745.html\\nWhile many standards began as reference models for individual programming in the \\nenterprises, it proved to be too expansive for single enterprises to catch up with the development of these standards. Enterprises need to catch up with new emerging standards and have to keep old standards alive as long as there is a single partner or internal system \\nleft that has to use it. \\nThus, most enterprises make use of tools that help them to do this task. The toolmaking \\ncompany ensures that they keep pace with the standards, while the user can spend more attention on their business. \\nY ou might notice that the same pattern that occurred on the level of individual protocols and \\non the level of standards might also become relevant for tools. If too many different tools are used, it might get hard for an  enterprise to have all of the skills at hand when needed.\\nSecurity and non-repudiation\\nPunch cards or tapes used to be packed and sealed, and put into steel-boxes for transport. \\nAfter transport, the receiver first checked the seal of the box, and then opened it. The cards received did not go directly to the card reader but were reviewed to ensure that they contained the correct category of data; for instance, only data records and no programs. After reading, the punch cards were kept as proof for later audits. \\nWe rarely use physical media today, but commun icate online. So the seals, locks, and audits \\nmust provide a virtual interpretation of the transport:\\n/SM590000Encryption and decryption of online content locks it from being read by unauthorized \\npeople.\\n/SM590000Digital signatures prove authenticity, that th e content is not being changed or counterfeit, \\nsuch as a physical seal.\\n/SM590000Storing the entire communication with signature serves as proof. 16 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsBecause these security measures add a certain overhead to the communication, they must \\nonly be used when necessary, but never forgotten when needed. In many situations, it is required by law.\\nLayers \\nAs an analogy, a courier driver would bring the data to the train station and hand it to the train chief for express expedition. None of the intermediary transporters had to care about the contents of the box. Their only task was to bring it to the labelled target address. Further, if the train car was shipped by ferry, the seamen would not care about the contents of the train, only about getting it to the other side. \\nToday, we might see situations where six or more protocols layers are wrapped over each \\nother, much like a set of Russian stacking dolls. Each level needs appropriate tools to encode, decode, and wrap acco rding to the rules expected. A familiar example would be a \\nSOAP-Web service over HTTPS over TCP/IP , or sending files as MQ messages. \\nTo the outside of the enterprise, the choice of transport depends on how your external trading \\npartners are reached, and what both partners are willing to inve st into the pa rtnership. The \\nmore flexible you are in your IT connectivity, the more choices your business has to choose \\npartners for reasons other than only being in reach. \\nInside the enterprise, the decision is up to the enterprise itself. Standardization would be a \\ngood approach, because the more ways you use to connect, the higher the costs are. The fewer different networks and protocols you maintain internally, the cheaper it is for you to do the work. \\nReliability and transaction security\\nIn the vintage model, the operators at the sending end notified the receiving about the number of punchcards or records to be transferred. The receiving end checked the card reader for completeness of the transaction. The operators took care that all cards were read “exactly once, and only once”. If necessary, they repunched damaged cards or rejected the whole batch. \\nWhen we consider current inte gration technology, we ask for the degree of reliability and \\ntransactional safety the technology offers. Beca use this reliability has its costs in terms of \\nlatency and resource  consumption, we have to decide w here a high degree of reliability is \\nnecessary and, conversely, where a low degree can be used when a simpler solution is sufficient. \\nTimeliness of delivery \\nThe partners in the vintage integration model synchronized their data every night. This form of cooperation still exists today as a nightly exch ange of large files, suitable for instance to \\nbootstrap master file data. The masterfile data is characterized by the fact that changes are rare. The enterprises often define the time when master data can change. \\nFile based integration  is well known and straighforward to understand, but not the fastest \\noption. Reliability can be a problem, when unma naged file based protoc ols such as FTP or \\nSFTP are used. Protocols with less overhead, such as remote procedure call or messaging \\nprotocols, are more suitable. \\nToday there are many cases where it is vital to keep the synchronization gap as short as \\npossible; for example, when propagating stock exchange data. In these times of online brokerage, getting the stock rate from last night is not helpful. It is the type of data that needs the shortest synchronization gap possible to get the latest rate.  Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 17The following questions need to be asked: \\n/SM590000How often must the systems communicate?\\n/SM590000How large are the chunks of information exchanged? \\n/SM590000Are users or systems waiting until their partner system has processed the request? \\nConcerning timeliness, we need to distinguish these parameters:\\n/SM590000Real time\\n/SM590000Near real-time\\n/SM590000Bulk and batch\\n/SM590000Store and forward\\n/SM590000Resend\\nLoose coupling: Th e need to separate \\nIn the vintage model, the companies used single monolithic systems. Inside the enterprise, all \\nusers were working on the same database for all purposes. With growing requirements, this eventually led to severe problems and the systems became unmanageable. After recognizing that issues emerged from too much concentrati on of logic and data, as happens so often in \\nhistory, just the opposite effect resulted; logic and data were distributed all over the enterprise. Today, we can learn from both eras, that too much or too little integration can both cause trouble. \\nWhen discussing integration, it is important to keep in mind cooperation of distinct systems in \\na way that they cooperate seamlessly only in a certain aspect, while staying as independent as possible. These smaller systems are more resilient to change and easier to maintain than the larger systems, because decoupling increa ses the flexibility. De coupling is a major \\nsystem design consideration to be kept in mind, particularly for internal communication. \\nShared databases  guarantee timeliness, but are problematic in terms of security and tight \\ncoupling systems through the use of a common data definition. Remote procedure  call is also \\nproblematic, unless the coupling is loosened by a intermediate layers, as with Web services.\\nThe coupling is always tight when systems comm unicate directly with each other, because \\nthey need to understand a common data format then. Intermediates such as integration hubs and brokers help to connect systems in a way that they remain loosely coupled in that sense. \\nLoose coupling is most relevant when the speed of change in an enterprise is very high.\\n2.1.2  Conclusion\\nThe basic principles might have changed less then expected, but there are some major \\ndifferences today compared to the beginnings of electronic data interchange: \\n/SM590000Agility\\n/SM590000Scale \\n/SM590000Exposure\\nToday, we need to be very flexible and very fast, and we have to address integration tasks that \\nare far beyond what IT specialists in the past might have imagined. And, with the advent of Internet connectivity, we are much more exposed to the risk of attacks. \\n2.2  Secure cooperation with business partners\\nThe use of the term cooperation  instead of integration  emphasizes the obvious difference \\nbetween external and internal communication. Between enterprises, there must be well defined borderlines to be compliant with both company\\'s security requirements as well as with any legal mandates that each company must follow. 18 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsSecurity in B2B cooperation has the following meanings:\\n/SM590000Data security : Data is kept safe from being read or changed by unauthorized accesses.\\n/SM590000Authentication of partners and messages : Provide access only to designated parties.\\n/SM590000Authorization : Grant access to only the resources allowed to be used by the partner.\\n/SM590000Non repudiation : Provide proof of data origination and receipt.\\n/SM590000Threat protection : Protect against the many external attacks that communicating over a \\npublic network can present; for example, Denial  of Service, malicious content, and so on. \\nAs described in 1.5, “Conceptual architecture” on page 8, we suggest connecting to partners \\nthrough a combination of technical security and functional isolation:\\n/SM590000The technical security function of a perimeter network (DMZ) compares to the function of a \\nguarded door. Those who want to enter can present their entry credentials, the doorman screens them for obvious security threats, but they do not do their business with the doorman. \\n/SM590000The gateway function is located at a place comparable to a counter behind the guarded \\ndoor, where the actual business exchange takes place. Besides the security aspects that it obviously has, it separates the concerns and spheres of the business partners. Externals \\nare neither entitled nor capable of interacting directly with back office functions. At the counter, they meet front office representatives, who know the external business as well as the internal and mediates for the back offices. \\nProducts such as IBM WebSphere DataPower can provide both the perimeter security and \\ngateway functions in a single device. It is due to the nature of an appliance form factor; most software solutions must distribute each function to remain secure. \\n2.2.1  Technical security function\\nIn information security, the demilitarized zone (DMZ) or network perimeter is a small network \\nsituated between a trusted network and an untrusted one, usually between the LAN and the Internet. The function of a DMZ is to keep all services that have external access (such as HTTP , FTP , mail, and so on) separated from the local network, thus limiting the potential damage in case of compromise of any of these services by an attacker. To achieve this goal, the computers present in a DMZ must not contain any form of local network access.\\nThis configuration is accomplished through the use of equipment in the firewall, which make \\nthe control of access between the local network, the Internet, and the DMZ (or in one generic model, between the two networks to be separated and the DMZ). The equipment in the DMZ can be a dedicated switch or a shared network switch, but in the latter case, it must be set up in separate virtual networks (VLANs) within the equipment.\\nDMZ systems\\nThe system inside of the DMZ has the ability to connect to external partners using a wide \\nrange of standard and non-standard connecti on protocols. The protocols used can vary, \\ndepending on the technologies used in DMZ. Those systems in the DMZ are used as intermediaries for requests from clients. They act as proxies forwarding the requests or files to and from servers inside of the protected network zone. In many cases, they terminate the external connection and perform bridging betwe en protocols on the front-side to protocol on \\nthe back-side. \\nThe DMZ is also called a \\nperimeter  network. Like a perimeter, it allows you to be in contact \\nwith the outside, without being seen as a whole. You can also compare the perimeter zone to the manual process in the vintage model, as discussed in “Security and non-repudiation” on page 15. Any communication, such as incoming cards, are reviewed before they are read to the card reader and are allowed to change data in the core.  Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 19Requirements for DMZ systems\\nSystems exposed in the DMZ typically include these requirements:\\n/SM590000No files ought to be at rest in the DMZ unless they are encrypted.\\n/SM590000If connections are needed from systems in the DMZ to systems in the secured network, \\nlock the inner firewall to only allow data to be passed from the DMZ system\\'s IP and Port.\\n/SM590000Isolate internal and external connections on separate Ethernet adapters.\\n/SM590000Use IP filtering at the outer firewall to only accept data from known IP addresses.\\n/SM590000Perform session breaks and protocol termination in the DMZ.\\n/SM590000Key management; keep public keys of partners and your own private keys secure.\\n2.2.2  Gateway function\\nThe gateway does what a front desk does in a shop organization. The gateway function is \\nenabling the isolation of partner data from its own data. It assures a single view to the partner from the inside, much as the enterprise service bus assures a single view to the inside for partners and internal participants. Figure 2-2 shows this function.\\nFigure 2-2   Gateway interaction pattern Security:  IBM Sterling has the ability to provide ad ded security by using software that \\nlimits the need to open holes through the inner firewall. Sterling Perimeter Services establishes outward-in connectively from within the secured network to the DMZ.\\n 20 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsStopping proliferation of partner logic into the internal network\\nBusiness agility is the flexibility to add customer s at a fast pace and change suppliers when \\nthe business needs it, not when the informat ion technology is finally available. A major \\nprecondition to becoming agile is to define a place where all particular things about single \\ncustomers or partners are handled. The gateway is the place designed for that task. \\nA single view of the partner\\nWhat does it mean when we say that a gateway maintains a single view of the partner regardless of its particularities? It means that we use an abstraction. We do not consider them as single partners, whether they are customer or supplier, but classify them into categories. The particularities are hidden under a single enterprise-wide facade. We do much the same when we define service abstraction in the internal network. \\nHow service abstraction is done\\nThe abstraction of different partner applications into a limited set of services happens on different levels:\\n1. Identify and assign: Identifying your abstract services candidates and assigning particular \\nimplementations of your partners to the internal service\\n2. Convert technically: Conversions of transport protocols and encoding\\n3. Translate semantics: Translations of field names and values\\nThe first step only happens when you begin to work in a service oriented manner, and when \\nnew business fields are added. A simple example of this step is to abstract the ordering of goods from various suppliers into a single service definition. In the rare case, all of your suppliers would use the same EDI standards, but different transport protocols, you would only need to do technical conversions. In most cases, semantic translations are necessary. \\nNon repudiation\\nNon repudiation has been discussed in the context of security aspects. This term refers to the archiving of information for the purpose of proofing the contents and time of a certain communication. That can be necessary in the result a dispute; for example, when a customer denies an order because they do not want to pay for goods you have delivered. In such cases, you are challenged to show proof of the order. \\nTechnically, a widely used form of non repudiation proof is to save a copy (a hash) of the \\nincoming message with the message digest that is generated with the private key of the sender. Because the private key is only known to the sender, and the hash (message digest) is a unique product of exactly the message to be proofed, it is a suitable method.\\n2.2.3  Technology choices\\nThe technology choices for the perimeter network and gateway are shown in Table 2-1.\\nTable 2-1   Technology choicesTip: Prepare for future changes in your partner service definitions. Include explicit version \\nnumbers in your service definitions. \\nSterling B2B \\nIntegratorSterling Secure \\nProxyWebSphere \\nDataPower XB62\\nDMZ component Perimeter server proxy \\nonlyProxy Hardware appliance Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 21The products mentioned Table 2-1 on page 20 are introduced in depth in the following \\nsections.\\nSterling B2B Integrator\\nIBM Sterling B2B Integrator offers perimeter security, gateway, and transformation engine in one product. It automates business processes shared with trading partners. The goal is automation of the complete “buy-sell-ship-pay” process that involves a range of documents and business processes, which include not just the buyer or seller of the goods/services, but also banks and third party logistics companies. The solution automates these processes and provides visibility into data and processes shared  with external entities.\\nSterling B2B Integration can address the following issues:\\n/SM590000Manual paper based processes\\n/SM590000Lack of visibility\\n/SM590000Limited internal resources\\n/SM590000Inefficient partner onboarding\\nCapabilities of Sterling B2B Integrator include the following features:\\n/SM590000Security features:\\n– Identity management, including authorization and authentication\\n– Perimeter security at DMZ traversal– Role-based data access and system operation– Secured mailboxing repositoryTrusted network \\ncomponentConfiguration, \\nmapping, translation, and so on. (See \\n“Sterling B2B \\nIntegrator” on page 21)Configuration \\nManagerConnect from a thin \\nclient for configuration. The XB62 typically sits \\nin the DMZ and has no \\nrequirement for \\nanything in the trusted \\nzone; it can integrate directly to the internal \\nESB or application. \\nProtocols and \\nstandards supportedWide range Selected Wide range. The only \\nthing Sterling B2B \\nIntegrator has that XB62 does not have is \\nConnect:Direct \\nprotocol.\\nPartner profiles Yes No Yes\\nStrength versatility and \\nscalabilityadds extra perimeter \\nsecurityLow leniency, highly \\nsecure, ease of install, \\nease of maintenance\\nPartner Self service Password \\nmanagementPartner transaction \\nvisibility and resend capabilities\\nCryptographic \\naccelerationHardware based \\naccelerationSterling B2B \\nIntegratorSterling Secure \\nProxyWebSphere \\nDataPower XB62 22 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions– Data transport security (SSL, SFTP/SSH) and data encryption (S/MIME and PGP) \\nsupport\\n– Non repudiation using the AS2 (Applic ability Statement 2)  or AS3 protocol\\n– Digital signature support– Message- and transport-level security based on WS-Security 1.0 compliance, including \\nWS-I Basic Profile 1.1 and Basic Security Profile 1.0\\n/SM590000Communication features:\\n– B2B communication protocols: Web services (SOAP), S/FTP/S client and server, \\nHTTP and HTTP/S, SMTP (Simple Mail Transfer Protocol), AS1, AS2, AS3 and RosettaNet, WebDAV, Zengin TCP/IP , IBM St erling Connect:Direct, EBICS (Electronic \\nBanking Internet Communication Standard)\\n– Policy-based file transfer– Multi-gigabyte file handling– IPv6 compatible\\n/SM590000Business process management:\\n– Graphical process modeling tool\\n– Business process execution engine– Process abstraction (layered modeling and component reuse)\\n/SM590000Integration and transformation:\\n– Multi-purpose data transformation engine\\n– Traditional EDI: X12, EDIFACT, CII, TRADACOMS, and Verband der \\nAutomobilindustrie (VDA)\\n– XML standards: OAGi, CIDX, PIDX, and RosettaNet– Internet standards for B2B data exchange: RosettaNet RNIF , ebXML, 1SYNC, and \\nEBICS (France)\\n– XSLT service to transform XML documents– Supports WTX translations– Graphic data mapping tool– Virtually unlimited file size (up to 50 gigabytes)– Validation of inbound and outbound data based on HIPAA rules defined for Level 1 – \\nLevel 6\\n– Intelligent (cont ent-based) routing\\n– Interoperable with .Net 1.1/2.0, Axis 1.x/2.0, Xfire 1.2.6 and Java EES\\n/SM590000Community management:\\n– Manage and grow trading partner communities\\n– Centralized visibility into trading partner communities\\n– Reduce error rates– Digital certificates deployment– Customizable partner configuration– Intelligent onboard ing with partner self-provisioning \\n/SM590000Application extension and customization:\\n– Web services: Support for SOAP , WDSL\\n– Integrated Development Environment (IDE): Tool to speed custom app/dev work– Software Development Kit (SDK): Toolkit to create your own adapters to systems\\n/SM590000More than 300 comprehensive connectivity adapters:\\n– Enterprise applications:\\nSAP (BAPI, IDOC, and Netweaver), Oracle, Manu gistics, PeopleSoft, Siebel, Vantive, \\nJD Edwards, I2, IBM Sterling Connect:Direct, IBM Sterling Connect:Enterprise™, IBM Sterling Gentran:Server®, GXS, IBM Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 23– EAI messaging platforms\\n– IBM WebSphere MQ, Oracle AQ, BEA Tuxedo, TIBCO Rendezvous, Vitria \\nBusinessware, WebMethods Enterprise, Microsoft MSMQ, JMS Queue and Topic Technology, JDBC, CORBA, LDAP , command line, file system, EJB, RMI, SNMP trap, IBM CICS®, JCA CCI, SSO, JSA, IM (Instant Messaging)\\n/SM590000Monitoring:\\n– Monitoring with alerts for Sterling Integrator™ resources, including system status, \\ndatabase growth, and average business wait time\\n– Running or restarting any failed or halted business process– Initiating key functions such as managing lock resolution for users and resources, \\ninitiating thread/ heap dumps, and turning logging on and off\\nSterling File Gateway\\nSterling File Gateway is an application for transferring files between partners using different protocols, file naming conventions, and file formats. It moves large and high-volume file transfers, with end-to-end visibility of file movement, in a process-oriented and \\nhighly-scalable framework. It also alleviates file  transfer challenges, such as protocol and file \\nbrokering, automation, and data security.\\nSterling File Gateway supports integration with Sterling B2B Integrator Mailbox, Sterling \\nControl Center, Sterling Connect:Enterprise for UNIX server products, Sterling Secure Proxy and Sterling Connect:Direct. Sterling File Gateway is an add-on to the Sterling B2B Integrator platform with a unique application URL that provides single sign-on access to the Sterling B2B Integrator administrative console through menu selection.\\nSterling File Gateway allows organizations to ta ke complete control over file transfers with \\ntrading partners. Built on Sterling B2B Integrator, Sterling File Gateway offers a scalable architecture and a centralized file gateway with the capabilities nece ssary to monitor, \\nadminister, route, and transform high volumes of inbound and outbound files.\\nWith Sterling File Gateway, the benefits of a standardized file transfer approach extend \\nbeyond the reliable and secure transmission of files with trading partners. A centralized gateway enables the consolidatio n of disparate file transfer activity. Intellig ent routing and \\ncontent-driven transformation  capabilities help optimize file delivery processes. \\nSubsequently, IT staff and users become more efficient, and platform consolidation helps reduce total cost of ownership.\\nHow Sterling B2B Integrator and St erling File Gateway work together\\nWithin Sterling File Gateway, Sterling B2B Integrator is known as the B2B Console and is \\naccessed from the Tools menu. Administrative functions, such as creating and managing user accounts, permission groups, and security keys for Sterling File Gateway, are handled in Sterling B2B Integrator.\\nSterling File Gateway uses the following Sterling B2B Integrator communication adapters:\\n/SM590000 FTP Server\\n/SM590000 FTP Client\\n/SM590000 SFTP Server\\n/SM590000 SFTP Client\\n/SM590000 HTTP Server\\n/SM590000 HTTP Client\\n/SM590000 Connect:Direct server\\n/SM590000 Command Line adapter 2 (for PGP) 24 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsSterling Secure Proxy \\nIn the scenarios in this book, Sterling Secure Proxy acts as an application proxy between the \\nexternal partners and the Sterling File Gateway server. It provides a high level of data protection between the external connections and an internal network. It allows the organizations to create firewall rules in order to prevent trading partners from obtaining direct access to their inter nal backend systems.\\nSterling Secure Proxy is an application proxy that secures and shields your trusted network \\nfrom external attacks by preventing direct communications between trading partners and internal servers. Sterling Secure Proxy provides demilitarized zone-based (DMZ) authentication, session breaks, and SSL terminations prior to allowing communications with the trusted network. It allows you to protect your trusted zone from unauthorized access by enforcing even tighter controls with multifactor authentication.\\nCapabilities of Sterling Secure Pr oxy include the following features:\\n/SM590000Application proxy:\\n– Resides in the demilitarized zone (DMZ ) and supports multip le DMZ environments\\n– Meets customer requirements for all-electronic data transfer– Supports FTP , FTPS, HTTP , HTTPS, SSH/SFTP , PeSIT, and Connect:Direct protocols– Supports IBM Sterling Connect:Direct, IBM Sterling Connect Express and IBM Sterling \\nB2B Integrator servers\\n/SM590000Firewall navigation:\\n– Prevents inbound holes in the firewall\\n– Minimizes rich targets in the DMZ by ensuring that files, user credentials and data are \\nnot stored in the DMZ\\n– Establishes sessions from more-trusted to less trusted zones– Enforces internal and external security policies\\nFigure 2-3 provides an example.\\nFigure 2-3   Sterling Secure Proxy Session breaks\\nTrusted Zone DMZ\\nSSL S essio n  wi th  \\ntrading partnerSepa rate SSL Session with \\nendpoint in trus te d z one\\nSSL Authentication \\ntakes place in DMZSt erling Secure Proxy Tradin g Pa rtne r\\nHTTP STradin g Pa rtne r\\nFTPS\\nInternet\\nIB M Sterling I ntegr ator\\nIBM St e rling File Gateway\\nConn ect:Direct\\n Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 25/SM590000Perimeter security:\\n– Session break and protocol validation: Prevents direct communications between \\ninternal and external sessions by establishing SSL session breaks in the DMZ, as shown in Figure 2-3.\\n– Inspects protocol and sensitive control information, enabling configurable error \\nhandling for protocol violations.\\n– Certificate validation and authentication: Authenticates incoming connections using the \\nSSL or TLS protocol. Exchanges and validates certificates prior to allowing a separate connection to the trusted zone.\\n– Multifactor authentication: Enforces tight controls with strong validation of trading \\npartner identity in the DMZ using IP address, CRL checks, and custom lookups with options to interface with external user datab ases such as LDAP , Active Directory and \\nIBM Tivoli® Access Manager.\\n– Session limits and data encryption: Ensures business continuity and guards against \\nDenial-of-Service attacks with support for SSL and TLS encryption algorithms.\\n– User ID mapping: Protects internal applications by mapping trading partner user IDs \\nand passwords to user IDs and pass words valid for internal systems.\\n/SM590000Clustering:\\n– One central configuration manager pushes out configuration rules to multiple engines \\nrunning in the DMZ, making it easy to scale.\\n– Clustering for high availability and load ba lancing provides operational continuity and \\nimproved performance.\\nSterling Secure Proxy is suitable for the technical part of security described in the DMZ. it \\ndoes not provide the isolation features needed in a gateway. As a gateway, Sterling Connect:Direct and Sterling B2B Integrator can be used. \\nWebSphere DataPo wer XB62 appliance\\nLike Sterling B2B Integrator, WebSphere DataPower XB62 offers DMZ and gateway \\nfunctionality. Because the WebSphere DataPower appliance is a firmware hardened appliance it provides a different approach by  centralizing and consolidating the gateway \\nfeatures in the DMZ. Y ou can quickly access new customers and new routes to market with standards-based trading partner management. In hi ghly sensitive applications, cryptographic \\nkeys require the enhanced protection of certified FIPS 140-2 Level 2 or Level 3 hardware security modules (HSMs). The WebSphere DataPower XB62 appliance includes an HSM option. It augments the powerful authenticati on and SOA security capability of DataPower to \\nfurther protect organizations’ data.\\nHere are the main features of WebSphere DataPower XB62 appliance:\\n/SM590000Broad connectivity:\\n– HTTP / HTTPS support (including SSL termination)\\n– Supports WebSphere MQ 7 softw are-based high  availability\\n– Supports WebSphere MQ Channel exits for increased security– Secure File Transfer  Protocol (SFTP) client and polling support\\n– SFTP Server Service\\n– Improved transactional integrity with IBM IMS™ Connect– FTP and FTPS support for both client and server side connections\\n– Database connectivity\\n– WebSphere Java Messaging Service– Tibco Enterprise Message Service (requires Option for Tibco Enterprise Message \\nService)\\n– SMTP and POP support 26 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions– MQFTE Client Connections\\n– Network File System (NFS)\\n/SM590000Support for multiple authentication and authorization mechanisms:\\n– WS-Security, WS-Security Policy, and Extensible Access Control Markup Language \\n(XACML)\\n– SAML 1.0, 1.1, and 2.0– S/MIME digital signature and encryption– XML digital signature and encryption– Integration with Tivoli Access Manager (requires Option for Tivoli Access Manager)– Full support for WS-Proxy validation of Message Transmission Optimization \\nMechanism (MTOM)-based SOAP messages\\n– Increased WS-Security interoperability with WebSphere Applic ation Server and \\nMicrosoft WCF framework\\n/SM590000Business to business:\\n– Support for AS1, AS2, AS3, and ebMS\\n– Trading partner management– Support for ebXML Collaboration Protocol Profile and Agreement v2.0 – Support for EDI X12, EDIFACT and XML B2B payloads– B2B transaction visibility in an easy to use B2B Transaction Viewer\\n/SM590000Data transformation and validation:\\n– Native XML Schema and WSDL validation\\n– XSLT-based transformations– Any-to-any transformation using WebSphere Transformation Extender– Supports DPA maps created in WTX Design Studio– Supports type trees from the HL7 Industry pack\\n/SM590000Interoperability:\\n– Flexible subscription support for service metadata stored in external repositories such \\nas WebSphere Service Registry and Repository (WSRR)\\n– Support for WS-Policy attachments authored within WSRR– Local mode support when integrating with Tivoli Access Manager– Full support for WS-Proxy validation of MTOM-based SOAP messages\\n– Increased WS-Security interoperab ility with WebSphere Application Server\\n– Integration with WebSphere Integration Developer for the development and \\ndeployment of XSLT transformations\\n– Improved integration with WebSphere Transformation Extender– Integration with WebSphere Application Accelerator for Public Networks for optimal \\ndelivery of web and Web 2.0 applications across the public Internet\\n– Integration to IBM z/OS\\n®\\n– Enhanced Integration to WebSphere MQ File Transfer Edition– Granular import and export capabilities\\n– Deployment policies providing dynamic configuration changes upon import– Ability to configure the appliance in a We b GUI, using Command Line or using a SOAP\\n/SM590000Enhanced manageability:\\n– Simplified backup and restore process\\n– Java-based appliance management API with support for Jython– Granular logging capabilities– Probe to trouble process flow– SMTP Traps for monitoring appliance health and transaction statistics– Service Level Management allowing data shaping, throttling, or rejection  Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 272.2.4  Small enterprises\\nWith tight budgets and limited skill resources, sm all enterprises tend to  choose a B2B solution \\nthat combines all of the needed functionality in one product and is easy to manage. \\nSterling B2B Integrator offers a wide range of functionality with protocols and standards \\nsupported. It comes with perimeter security at DMZ traversal out of the box. The perimeter server comes as integral part of the product, but the component can be installed on a different system in DMZ, separated from the Sterling B2B Integrator server. \\nThe perimeter service terminates the protocol in the DMZ and route the payload to the server \\nusing an internal protocol to Sterling B2B Integrator. It is configured only by the main Sterling B2B Integrator. Sterling B2B integrator calls the Perimeter Server from inside to establish the session. Data then flows between them in both directions. \\nFigure 2-4 provides details.\\nFigure 2-4   Sterling B2B Integrator perimeter server as session breaker\\nAs IBM offers cloud-based, hosted Sterling B2B Services, it is also an alternative for small \\nbusinesses who do not want to maintain their own installation and DMZ security. The hosted services guarantee defined levels of reaction to security threats and proactive security, such as updating to the newest levels, that otherwise can be hard to achieve for a small business.\\n2.2.5  Medium and large enterprises\\nMedium enterprises face different workloads and might need to scale up their infrastructure. They also can begin to combine products to make better use of product specific strengths, such as large enterprises. \\nSterling B2B Integrator clustered\\nTo scale for higher loads, additional instances of Sterling B2B Integrator can be added to work in a Sterling B2B integrator cluster. The two instances are much like a single logical node, and there is load balancing organized from the perimeter server and a tight band between the nodes, where load information is constantly exchanged. It happens through JMS communication.DMZEnterprise Secure Zone\\nT\\nR\\nA\\nD\\nI\\nN\\nG\\nP\\nA\\nR\\nT\\nN\\nE\\nR\\nSPartner\\nIntegration\\nZone\\nSterling\\nB2BI \\nPerimeter\\nServiceSterling\\nB2B\\nIntegrator DMZEnterprise Secure Zone\\nPartner\\nIntegration\\nZone\\nPerimeter\\nserverSterling\\nB2B\\nIntegrator  28 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsFigure 2-5 provides details.\\nFigure 2-5   Sterling B2B Integrator clustered\\nSterling Secure Proxy use\\nWhen a significant amount of the B2B load is lifted using the FTP , FTPS, HTTP , HTTPS, \\nSSH/SFTP , PeSIT, and Sterling Connect:Direct protocols, the enterprise can use Sterling \\nSecure Proxy to achieve additional perimeter security. \\nIf a high amount of Connect:Direct file transfers is to be handled, the enterprise might want to \\nuse the standalone Connect:Direct server instead of the additional Sterling B2B Integrator Connect:Direct service. To place a Connect:Direct server into the DMZ would be a security risk, because it would expose files, user credentials, and data. \\nWhen the enterprise uses a multitude of clustered installations, Sterling Secure Proxy can \\ndistribute the configurations from a central Configurations Manager inside the trusted zone to all instances of Sterling Secure Proxy in the DMZ. \\nWebSphere Data Power XB62 use \\nThe WebSphere DataPower B2B Appliance is well suited for use in the DMZ because it is a \\nnetwork security device that adds security gateway and integration functions in a tamper resistant hardware form factor. Additionally, it provides the option of being able to store private keys on a Hardware Security Module (HSM). Additionally, any sensitive data at rest in the DMZ on the device is stored AES encrypted.\\nThe DataPower appliance can pe rform, not only some decryption and encryption tasks at \\nvery high velocity, but also other mappings close to or even at wire speed. For a number of a protocols and standards, it delivers a complete solution. With others, it can be used as security and speed enhancer in cooperation with Sterling B2B Integrator.\\nBecause of its special hardened architecture as a firmware appliance, the DataPower is safe \\nto do tasks in the DM Z that otherwise woul d not be done there. Enterprise Secure Zone\\nSterling\\nB2B\\nIntegrator DMZEnterprise Secure Zone\\nT\\nR\\nA\\nD\\nI\\nN\\nG\\nP\\nA\\nR\\nT\\nN\\nER\\nSSterling\\nB2B\\nIntegrator \\nSecure \\nProxySterling\\nConnect:Direct Perimeter\\nserverSecure \\nProxy\\nSP Config ManagerPartner\\nIntegration Zone Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 29Figure 2-6 provides details.\\nFigure 2-6   WebSphere DataPower XB62 in a DMZ perimeter zone\\n2.3  Seamless integration inside the enterprise\\nWhen dealing with internal integration, you need to determine how internal systems within the \\nenterprise need to cooperate with each other and with the external partners. The technical setup of the communication is important, but it is even more important to consider the strategic and organizational aspects associated with it. \\nWhen talking about the seamless integration inside the enterprise, we need to consider two \\nimportant concepts:\\n/SM590000Messaging\\n/SM590000Enterprise Service Bus\\n2.3.1  Connectivity matters: Messaging\\nIf we consider connectivity in a modern medi um or large enterprise, we might have to \\nexamine a significant number of different network protocols. Most of them are based on the IP protocol. Other base protocols, such as SNA, might only be relevant in smaller parts of the topology. But on top of the base of IP protocol, a large number of different protocols can be used. If you allow the connectivity to grow wild as  projects demand it in the first request, you \\ncan end up with a connectivity tangle that is very hard to manage or can even be called unmanageable:\\n/SM590000Firewall administration becomes a tricky job; the rules list grows longer and longer.\\n/SM590000Loads generated by different tasks of different importance are transported at the same \\nwith undifferentiated service levels.Enterprise Secure Zone\\nSterling\\nB2B\\nIntegrator DMZEnterprise Secure Zone\\nT\\nR\\nA\\nD\\nI\\nN\\nG\\nP\\nA\\nR\\nT\\nN\\nE\\nR\\nSSterling\\nB2B\\nIntegrator \\nSecure \\nProxyPerimeter\\nServerWebsphere MQ\\nSterling\\nConnect:Direct Websphere\\nDatapower\\nXB62 30 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsIn particular, the situation described in the second bullet can lead to very bad effects: If a \\nserver hosting a customer order application is unresponsive because a router it is attached to is busy doing something that is not urgent (s uch as a database backup), the enterprise might \\npay fines for missing a service level agreement. There are different mitigations for such risks, such as separating the transport routes by adding hardware or managing communications more efficiently. \\nWe think that the use of messaging can be an excellent choice for managing all \\ncommunications by standardized means. Messaging can \\nwrap  other forms of \\ncommunications and give the administrator a single point of management. Because messaging is not transient, communication can be replayed when needed. We discuss WebSphere MQ based messaging in this section. Many of the features mentioned here are also available in the Java based messaging, as in the WebSphere Application Servers Service Integration Bus.\\nWithin MQ, you can distinguish the service leve ls for messages by t he required reliability, \\nspeed, and security at different levels, but with a single point for maintenance and monitoring:\\n/SM590000Y ou can vary the level of persistence from a hardened state. It is designed to recover \\nmessages also after severe errors, over a medium, where messages survive queue manager restarts to “not persistent,” where messages are not kept when the queue manager is stopped.\\n/SM590000The speed of messages can be varied by the bat ch size of transmission batches, priority \\nflags, and the assignment of fast transmission means such as separate TCP/IP channels. \\n/SM590000Security is managed on a per message base by encrypting and signing payload from \\nend-to-end, or on channel base, by encrypting and signing the whole channel traffic only between queue managers. \\n/SM590000Very large chunks of data, such as large files, can be split into a number of smaller \\nmessages, to prevent the large payload from blocking a communication channel completely for a long time. \\n/SM590000Messages can carry an “expiration” flag. For example, messages related to an online \\ncommunication would expire when the online dialog has a timeout, to guarantee that no obsolete traffic clutters the network.\\n/SM590000If you want, message expiration can be reported to notify the operators.\\nThese examples are taken from the toolbox that WebSphere MQ brings, helping you to wrap \\nother protocols within WebSphere MQ. If you ar e not familiar with WebSphere MQ, read the \\nfollowing section for more information.\\n2.3.2  WebSphere MQ\\nWebSphere MQ is the market-leading messaging integration middleware product. Over more \\nthan 15 years, WebSphere MQ (or MQSeries® as it was known in earlier versions) has grown to provide flexible and reliable solutions that address the wide range of requirements introduced in the previous chapter.\\nA message queuing infrastructure built on WebSphere MQ technology provides an available, \\nreliable, scalable, secure, and maintainable transport for messages with guaranteed once-only delivery. Many enhancements have been added to WebSphere MQ during its evolution in the marketplace:\\n/SM590000WebSphere MQ Clients: Enables an application to connect remotely or locally to a \\nWebSphere MQ queue manager.\\n/SM590000Publish/Subscribe: Increases messaging capab ility from point-to-poi nt messaging to a \\nless coupled style of messaging. Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 31/SM590000MQ Clusters: Allows multiple instances of th e same service to be hosted through multiple \\nqueue managers, to enable load-balancing and fail-over and simplify administration.\\n/SM590000Secure Sockets Layer support: SSL protocol can be used to secure communication \\nbetween queue manage rs or MQ Client.\\n/SM590000Diverse platforms: WebSphere MQ supports a wide range of operating system platforms.\\nCore concepts of WebSphere MQ\\nData is transferred between applications in messages. A message is a container consisting of \\ntwo parts:\\n/SM590000MQ Message Descriptor: Identifies the message and contains additional control \\ninformation such as the type of message and the priority assigned to the message by the sending application.\\n/SM590000Message data: Contains the application data. The structure of the data is defined by the \\napplication programs that use it, and MQ is largely unconcerned with its format or content. \\nThe nodes within a WebSphere MQ message queuing infrastructure are called queue \\nmanagers. The queue manager is responsible for accepting and delivering messages. Multiple queue managers can run on a single physical server or on a wide network of servers across a large variety of different hardware and operating system platforms.\\nEach queue manager provides facilities for relia ble messaging using both  point-to-point and \\nPublish/Subscribe styles.\\nThe queue manager maintains queues of all messages that are waiting to be processed or \\nrouted. Queue managers are tolerant of failures and maintain the integrity of business-critical data flowing through the message queuing infrastructure.\\nThe queue managers within the infrastructure are connected by logical channels over a \\ncommunications network. Messages automatically flow across these channels from the initial producer of a message to the eventual consumer  of that message based on the configuration \\nof the queue managers in the infrastructure. Changes can be made to the configuration of queues and channels, and it is transparent to the applications.\\nAsynchronous messaging\\nTwo applications that must communicate, whether hosted on the same machine or separate machines, might have originally been designed to  do so directly and synchronously. It was a \\ncommon messaging technique used prior to the introduction of WebSphere MQ.\\nIn this case, the two applications exchange information by waiting for the partner application \\nto become available and then sending the information. If the partner application is unavailable for any reason, including if it is busy performing communication with other applications, the information cannot be sent.\\nAll intercommunication failures that can occur between the two applications must be \\nconsidered individually by the applications, whether they are on the same machine or on different machines connected by a network. It requires a protocol for sending the information, confirming receipt of the information, and sending any subsequent reply.\\nPlacing a WebSphere MQ infrastructure between the two applications allows communication \\nto become asynchronous. One application places information for the partner in a message on a WebSphere MQ queue, and the partner application processes this information when it is available to do so. If required, It can then send a reply message back to the originator. The applications do not need to be concerned with intercommunication failures or recovery. 32 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsWebSphere MQ Client\\nWebSphere MQ Client is a light-weight component of WebSphere MQ that does not require \\nthe queue manager run-time co de to reside on the client syst em. It enables an application \\nrunning on the same machine as the client to connect to a queue manager that is running on another machine and perform messaging operations with that queue manager. Such an application is called a client and the queue manager is referred to as a server.\\nUsing MQ Client is an effective way of implementing WebSpher e MQ messaging and \\nqueuing. The benefits of doing this are as follows:\\n/SM590000There is no need for a licensed WebSphere MQ server installation on the client machine.\\n/SM590000Hardware requirements on the client system are reduced.\\n/SM590000System administration requirements on the client system are reduced.\\n/SM590000An application using MQ Client  can connect to multiple queue managers  on different \\nmachines.\\nApplication programming interfaces (APIs)\\nApplications can use WebSphere MQ by several programming interfaces.\\nMessage Queue Interface\\nThe native interface is the Message Queue Interface (MQI). The MQI consists of the following \\nfeatures:\\n/SM590000Calls through which programs can acce ss the queue manager and its facilities\\n/SM590000Structures that programs use to pass data to, and get data from, the queue manager\\n/SM590000Elementary data types for passing data to, and getting data from, the queue manager\\n/SM590000Classes in object-oriented languages for accessing data, the queue manager, and its \\nfacilities\\nMany programming languages and styles are supported depending on the software and \\nhardware platform, for example, C, Java, and most other popular languages.\\nStandardized APIs\\nUtilizing a standardiz ed API can add additiona l flexibility when accessing services through a \\nmessage queuing infrastructure. This book uses  the term standardized API to represent APIs \\nthat are not proprietary to an individual product, such as WebSphere MQ.\\nHere are some examples of standardized APIs that can be used to access services provided \\nthrough a WebSphere MQ infrastructure:\\n/SM590000Java Message Service (JMS)\\n/SM590000IBM Message Service Client (XMS)\\nWide adoption of these APIs can occur across mu ltiple products. For example, the JMS API is \\nan industry standardized API for messaging within the Java Enterprise Edition (Java EE) specification.\\nReliability and data integrity\\nThe intercommunication performed across channels between queue managers is tolerant of network communication failures, and WebSphere MQ assures once-only delivery of messages. Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 33Persistent and non-persistent messages\\nMessages containing critical business data, such as receipt of payment for an order, need to \\nbe reliably maintained and must not be lost in the event of a failure. On the other hand, some messages might only contain query data, where th e loss of the data is not crucial because \\nthe query can be repeated. In this case, performance might be considered more important than data integrity. \\nTo maintain these opposite requirements, WebSphere MQ uses two type of messages, \\npersistent and non-persistent:\\n/SM590000Persistent messages: WebSphere MQ does not lose a persistent message through \\nnetwork failures, delivery failures, or restart of the queue manager. Each queue manager keeps a failure-tolerant recovery log of all actions performed upon persistent messages. It is sometimes referred to as a journal.\\n/SM590000Non-persistent messages: WebSphere MQ optimizes the actions performed upon \\nnon-persistent messages for performance. N on-persistent message storage is based in \\nsystem memory, so it is possible they can be lost in situations such as network errors, operating system errors, hardware failure, queue manager restart, and internal software failure.\\nUnits of work\\nMany transactions performed by an application cannot be considered in isolation. An application might need to send and receive multiple messages as part of one overall action. Only if all of these messages are successfully sent or received, are any messages sent or received.\\nAn application that processes messages migh t need to perform coordinated work against \\nother resources as well as the WebSphere MQ infrastructure. For example, it can perform updates to information in a database based upon the contents of each message. The actions of retrieving the message, sending any subsequent reply, and updating the information in the database must only complete if all actions are successful.\\nThese actions are considered to be a unit of work (UOW). Units of work performed by \\napplications accessing a WebSphere MQ infras tructure can include sending and receiving \\nmessages as well as updates to databases. WebSphere MQ can coordinate all resources to ensure that a unit of work is only completed if all actions within that unit of work complete successfully.\\n2.3.3  Enterprise Service Bus (ESB): Enab ler for Service Oriented Architecture \\nIn software engineering, a Service Oriented Architecture (SOA) is a set of principles and \\nmethodologies for designing and developing software in the form of interoperable services. In order to implement an SOA, both applications and infrastructure must support the SOA principles. Enabling applications involves the cr eation of service interfaces to existing or new \\nfunctions, either directly or through the use of adapters. Enabling the infrastructure at the most basic level involves the provision of capab ility to route and transport service requests to \\nthe correct service provider. The role of the Enterprise Service Bus is, in part, simply to enable the infrastructure in this way.\\nValue of the ESB concept\\nThe true value of the Enterprise Service Bus (ESB) concept, however,  is to enable the \\ninfrastructure for SOA in a way that reflects the needs of today\\'s enterprise: to provide suitable service levels and ma nageability, and to o perate and integrate in a heterogeneous \\nenvironment.  34 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsThe ESB must enable the substitution of one service implementation by another with no effect \\non the clients of that service. It requires both the service interfaces that are specified by SOA and that the ESB allows client code to invoke se rvices in a manner that is independent of the \\nservice location and communication protocol that is involved.\\nESB introduces features that can improve resp onsiveness, customer service, transaction \\ntime, and partner interactions. An ESB provid es capabilities that enhance both direct \\nconnection between applications and routing requests among applications.\\nAn ESB supports the concep ts of SOA implementati on in the following ways:\\n/SM590000Decoupling the consumer\\'s view of a service from the implementation of a service\\n/SM590000Decoupling technical aspect s of service interactions\\n/SM590000Integrating and managing services in the enterprise\\nDecoupling the consumer\\'s view of a servic e from the actual implementation greatly \\nincreases the flexibility of the architecture. It allo ws the substitution of one service provider for \\nanother (for example, because another provider offers the same services for lower cost or with higher standards) without the consumer being aware of the change or without the need to alter the architecture to support the substitution.\\nThis decoupling is better achieved by having the consumers and providers interact through \\nan intermediary. Intermediaries publish servic es to consumers. The consumer binds to the \\nintermediary to access the service, with no direct coupling to the actual provider of the service. The intermediary maps the request to the location of the real service implementation.\\nIn an SOA, services are described as being loosely coupled. However, at implementation \\ntime, there is no way to loosely couple a service or any other interaction between systems. The systems must have some common understand ing to conduct an interaction. Instead, to \\nachieve the benefits of loose coupling, consideration must be given to how to couple or decouple various aspects of service interactions, such as the platform and language in which services are implemented, communication protocols used to invoke services, and data formats used to exchange input and output data between service consumers and providers.\\nFurther decoupling can be achieved by handling some of the technical aspects of \\ntransactions outside of applications. It can apply the following aspects of interactions:\\n/SM590000How service interactions are secured.\\n/SM590000How the integrity of business transactions and data are maintained (for example, through \\nreliable messaging, the use of transaction monitors, or compensation techniques).\\n/SM590000How the invocation of alternative service providers is handled in the event that the default \\nprovider is unavailable.\\nThe role of the ESB is to fulfill these needs by provid ing the following functions:\\n/SM590000Map service requests from one protocol and address to another.\\n/SM590000Transform data formats.\\n/SM590000Support a variety of security and transactional models between service consumers and \\nservice providers and recognize that consumers and providers might support or require different models.\\n/SM590000Aggregate or disaggregate service requests and responses.\\n/SM590000Support communication protocols between multiple platforms with appropriate qualities of \\nservice.\\n/SM590000Provide messaging capabilities such as mess age correlation and pu blish/subscribe to \\nsupport different messaging models such as events and asynchronous request/response. Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 35Figure 2-7 shows the role of the ESB.\\nFigure 2-7   The role of the ESB \\nApplication integration ve rsus service integration\\nAgain, invoking the front office scenario described in 2.2.2, “Gateway function” on page 19, \\nwe need to determine how the front desk clerk who is serving a customer can communicate with the back office. The front desk clerk has the following choices: \\n/SM590000Take care of the customer\\n/SM590000Pass the request to a another person\\n/SM590000Pass the request to a function such as another department\\n/SM590000Consult a manual to determine the best course of action\\nQuestions for connectivity and format can on ly be answered afterwards: how the addressee \\ncan be reached (call personally, by phone, mail, and so on), which data needs to be passed, \\nand in which form the data needs to presented. \\nThe traditional approach of enterprise application integration often focuses on the question of \\nhow to connect applications only to each other. For example, it helps the front desk clerk to contact another person, but it does not help to place a loans request without knowing which person to call. \\nObviously, it depends on the size of the enterprise and how much integration is needed. But \\nthere is no absolute criteria on how to classify a given enterprise. Other important factors are the dynamics of the enterprise, resources available, and regional distribution. Even small companies would be well advised to abstract their functions to services and implement an extendable enterprise service bus when they expect to grow in the long term, and for that expectation, decide on a strategic orientation in their IT.\\n 36 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions2.3.4  IBM ESB products\\nThere are many produ cts that can be used to create an  Enterprise Serv ice Bus (ESB). IBM \\nprovides several options for creating an ESB, as shown in Figure 2-8. It allows customers to select ESB technology based on th eir specific needs. In many la rge organization s, more than \\none ESB technology can be used to  create a hybrid ESB as re quired by differences in \\ngeography, technology, or for ot her reasons. Hybrid ESBs are es pecially likely when two large \\ndepartments each embark on SOA separately and then find they need to interoperate with each other.\\nThe three main IBM ESB products are WebS phere Message Broker, WebSphere ESB, and \\nWebSphere DataPower SOA Appliances.\\nFigure 2-8   IBM ESB offerings\\nWebSphere Message Broker\\nWebSphere Message Broker offers  capabilities that many cust omers use to create their ESB \\n(or a central ESB in a hybrid solution). WebSphere Message Broker has its heritage in the WebSphere MQ messaging space, and is particularly well suited for environments heavy in MQ messaging. It offers interface definitions for WSDL and other message formats, mediation capabilities through message fl ows, and support for a range of communication formats, \\nincluding WMQ and HTTP . WebSphere Message Broker also offers content based publish / subscribe interactions and managed topic spaces.\\nWebSphere Message Broker supports implementation of mediation patterns for a broad \\nspectrum of service interaction endpoints. It supports a large number of industry standard message sets (some, but certainly not all using XML encodings) and enables support for additional, user-defined message formats. \\n Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 37The following typical customer requirements are well suited to a WebSphere Message Broker \\nsolution:\\n/SM590000Transactional\\n/SM590000Publish/subscribe\\n/SM590000ACORD, SWIFT, or COBOL copybook standard formats\\n/SM590000XML formatted data\\n/SM590000WS-* standard compliant\\n/SM590000WebSphere MQ messaging\\n/SM590000Complex transformations\\n/SM590000Complex Event Processing\\nWebSphere Message Brok er provides numerous ESB connec tivity options and any-to-any \\ndata transformation. It enables legacy applications and those that do not conform to standards to connect to an ESB.\\nWebSphere Message Broker is described in more detail in 4.3.1, “WebSphere Message \\nBroker” on page 74.\\nWebSphere ESB\\nWebSphere ESB is a J2EE instantiation of an ESB. WebSphere ESB runs within a J2EE \\ncontainer in the IBM WebSphere Application Server. It is well suited to J2EE and WS-* standards-based applications, especially those ap plications that only need to communicate \\nwith other application servers. It also provides an excellent entry point into the SOA world, allowing basic web services to be utilized as  a stepping-stone into a more robust SOA \\nenvironment.\\nWebSphere ESB provides standards-based Web Services connectivity, JMS messaging, and \\nservice oriented integration. JMS applications for point-to-point and pub/sub messaging, and JAX-RPC service oriented applications can connect directly to WebSphere ESB, or messages can be deliv ered to WebSphere ESB across a variety of transports including \\nWMQ, SOAP/HTTP and SOAP/JMS. WebSphere ESB implements a web services gateway \\nwhich can mediate between SOAP/HTTP and SOAP/JMS based applications. Finally, it also provides an implementation of Universal Description Discovery and Integration (UDDI). The following typical customer requirements ar e well suited to a WebSphere ESB solution:\\n/SM590000J2EE implementations\\n/SM590000Web Services interfaces\\n/SM590000SOAP/HTTP\\nWebSphere DataPowe r SOA Appliance\\nWebSphere DataPower SOA Appliance is a hardware and software offering that provides a \\nnumber of importan t functions: XM L acceleration, securi ty enforcement, and ESB \\nfunctionality. DataPower has several important characteristics:\\n/SM590000Optimized hardware, firmware, and imbedded operating system\\n/SM590000A high level of assurance that the configuration is locked-down\\n/SM590000Reduced security vulnerabilities\\n/SM590000Hardware storage of encryption keys and a locked audit log\\n/SM590000No hard disks, CD ROMs, or USB ports\\n/SM590000Tamper-proof case that renders the machine unusable if opened\\n/SM590000Reduced operational complexity, as it is truly an SOA appliance 38 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsDataPower provides the fastest entry into the SOA world, while at the same time providing an \\nenhanced security environment.\\nThe following typical customer requirements are well suited to a DataPower solution:\\n/SM590000Security Gateway\\n/SM590000XML firewall, parsing and validation\\n/SM590000Basic routing\\n/SM590000Content-based routing\\nProtocol bridging (HTTP , WebSphere MQ clients, FTP , ODBC, etc.)\\n2.3.5  Technology choices\\nTable 2-2 shows the different approaches of seamless integration with the internal systems:\\nTable 2-2   Technology choices \\nFor more information, see this website:\\nhttp://www-01.ibm.com/software/integration/wsesb/v6/faqs.html#provide\\nTechnology selection criteria\\nIn this section, we discuss the criteria that you need to keep in mind when developing your \\ntechnology solutions.WebSphere ESB WebSphere Message \\nBrokerWebSphere \\nDataPower\\nPossible complexity in \\ntransformationsHigh High Medium \\nRelative latency Regular Low Close to zero\\nOut-of-the box \\nInteroperabilityStandards Wide Specialized\\nExtensibility Very high (JCA) High Medium\\nHuman task support Y es, after upgrade to \\nthe WebSphere \\nProcess ServerNo No \\nTransaction manager Internal coordinator \\nWASInternal coordinator \\nWMQExternal \\nTransactions Regular and extended Regular and extended Regular and extended \\n(JTA) \\nPricing Medium unit Large unit Low maintenance \\ncosts Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 39Interaction style\\nIn order to fully support the variety of interaction patterns that are required in a \\ncomprehensive SOA (such as re quest/response, publish/subs cribe, and events), the ESB \\nmust ideally support in one infrastructure the three major styles of enterprise integration:\\n/SM590000SOAs in which applications communicate through reusable services with well-defined, \\nexplicit interfaces. Service-oriented interactions leverage underlying messaging and event communication models.\\n/SM590000Message-driven architectures in which applications send messages through the ESB to \\nreceiving applications.\\n/SM590000Event-driven architectures in which applications generate and consume messages \\nindependently of one another.\\nA consumer can implement a service invocation in different ways. From the consumer\\'s point \\nof view, the difference is as follows:\\n/SM590000Synchronous: The consumer uses a single thread  to invoke the service; the thread sends \\nthe request, blocks while the service is running, and waits for the response.\\n/SM590000Asynchronous: The consumer uses a pair of threads to invoke the service; one thread \\nsends the request, then a separate thread listens for and receives the response.\\n/SM590000Publish/subscribe: A service publishes messages  on a specific topic. Multiple services \\n(subscribers) can subscribe to this to pic and receive the published messages.\\nAn ESB can offer any combination of these invoca tion models for a single service, letting \\nservice consumers select a preferred invocation model.\\nInteraction style can influence the ESB implem entation. IBM WebSpher e Message Broker is \\nespecially suited to architectures in which the basic flow paradigm is asynchronous or pseudo-synchronous.\\nStatefulness\\nCertain situations might require an ESB to maintain state as me ssages traverse it. A simple \\nexample involves selecting a particular service endpoint from the context information of the last applicable message. A more complex example extends the ESB paradigm by detecting \\ncomplex situations that involve a context-sensitive composition of messages and events \\n(semantic context, temporal context, spacious-temporal context). This functionality is extremely powerful when applied to the processing of input from multiple event sources: from the perspective of a business, application, or infrastructure within different contexts. For example, such scenarios might involve Service Level Agreement alerts and compliance checking, which is applicable to the security, finance, banking, and insurance industries.\\nHardware ESB implementations do not generally support stat eful interactions, making \\nstatefulness a criterion for software ESB implementations. WebSp here Message Broker, \\nuniquely, implements complex message processing directly in the product, making it the most suitable for use cases requiring this function.\\nEndpoints, standard s, and protocols\\nEndpoints are consumers and services that interact through the ESB. Endpoints that employ \\nstandard technol ogy and protocols (such as web servic es) allow the most flexibility in ESB \\ntechnology selection. However, it is often not practical or cost-effective to restrict endpoints to these standards where large legacy investments exist. Similarly, while integrating packaged \\napplications is possible using their proprietary APIs, it is often useful to delegate this integration to a middleware vendor. To address these concerns, adapters exist that can greatly simplify integration. 40 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsThe use of adapters influences  ESB product selectio n because adapters re quire a software \\nruntime (they are not support ed on hardware ESB implementa tions) and prerequisites for \\nadapters vary.\\nPolicy-based interaction manage ment and dynamic service selection\\nAn emerging ESB technology invo lves dynamic endpoint selecti on that exploits agent-based \\nendpoint statistics such as server utilization and health. It is supported out of the box in \\ncertain IBM ESB products through integration with IBM Tivoli Composite Application Manager.\\nMessage volume, size, and type\\nESB products have different scalability charac teristics. In genera l, hardware-based \\nimplementations scale quite well and have excellent support for industry standard data formats. However they do not provide the versat ility of software implem entations. WebSphere \\nMessage Broker performs very well, offers a very rich set of ESB functionality, and can be extended with custom components and adapters. WebSphere ESB has a rich set of support for industry standard formats, Java and Web Services standards, and can be extended with custom components and adapters.\\nReliability, availability , and serviceability (RAS)\\nESB products have different operational charac teristics and they achieve scalability and high \\navailability through different mechanisms and architectural footprints (one example is \\napplication server clustering versus OS-level clustering). It must be taken into consideration and the resulting solution architecture must balance RAS considerations against existing budget, skills within the organizati on and operational complexity.\\nRequired mediations\\nESB products differ in their ability to handle mediations  without custom programming. \\nNotably, WebSphere Message Broker has extensive support for standard data formats such as ACORD, SWIFT, and COBOL copybooks. If data formats are XML and Web Services, WebSphere DataPower SOA Appliances are an ideal fit, offering very high performance.\\n2.3.6  Small enterprises\\nThe small enterprise must find solutions that fit its limited financial and human resources. It probably cannot afford to pay much for significant individual programming or adaptions. \\nIssues of ad-hoc integration\\nSmall enterprises will probably choose highly integr ated “custom off the shelves” software \\npackages that offer most of the capabilities they need. It other wo rds, they would make use of \\nthe shared database pattern for internal integration, as the vintage model companies did. Y et, there will be issues with their remaining integrat ion needs. Examples include trying to solve \\ntheir requirements ad-hoc with whatever converter, adapter, bridge, or transformation tool is in reach, such as a download from the Internet, ad-hoc scripting (when the IT person has the knowledge), or simply by manually transferring (copying and pasting) from one window to another.  Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 41If such a direct approach is chosen in an environment with eight components, it results in 42 \\nbi-directional connections. Unlike the symbolic  edges in Figure 2-9, the shape of the links \\nwould vary in terms of protocols and transports. It leads to operational complexity that can become expansive and dangerous. \\nFigure 2-9   Direct connectivity, hub and spoke and bus approach\\nThe most important consideration is that manual synchronization and most ad-hoc connectivity solutions do not guarantee transactional integrity. \\nIntegrated cloud services \\nA viable alternative to homemade integration inside a small company can be buying an integrated cloud services solution from an external provider. The cloud attributes are very attractive for small businesses:\\n/SM590000Enhanced user experience\\n/SM590000Elastic scaling\\n/SM590000Automated provisioning\\n/SM590000Highly virtualized\\n/SM590000Flexible pricing \\nIt is particularly true when the small enterprise uses a number of applications in the cloud and \\nthe integration data traffic stays in the cloud. If there are many interactions between applications and services hosted in different places, it would be problematic where the integration software is placed, because network latency becomes an issue. We assume that most of the services to be integrated are hosted in the cloud. Therefore, integration must also happen there.\\nThe use of cloud based services that are not integrated have at least the same drawbacks as \\nthe non-integrated on-premises applications. Small enterprises tend to participate in public or shared cloud services as opposed to a hosted private cloud. \\nThe cloud service provider uses highly developed integration software products (as we \\ndiscuss in the following sections) to offer integration services for a higher number of clients, often combined with industry-specific extensions. There can be win/win situations when providers include some customization in order to better adapt their offering to the specific industry. The enterprise gets the service it needs at a good price and the cloud service provider improves its portfolio.Changes:  Transactional integrity  means that changes are propagated “exactly once, and \\nonly once” between systems.   42 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions2.3.7  Medium and large enterprises\\nMedium and large enterprises who want to avoi d the direct connection tangle often choose a \\n“hub and spoke” integration approach where applications are connected by adapters to a broker that acts as intermediary. In the sample shown in Figure 2-9, the number of links is reduced from 42 to 7. \\nThe concept of enterprise service bus (Figure 2-10) leverages hub and spoke architecture to \\nthe next level by the abstract ing applications to services. \\n/SM590000More indirection\\n/SM590000More scalability \\n/SM590000More flexibility for diff erent ways to do things\\nFigure 2-10   Enterprise Service Bus - Conceptual - \\nAn ESB connects requestor and provider, deco upling the inte ractions between them in \\nsupport of separation of concerns. An ESB is part of a connectivity infrastructure that enables decoupled, dynamic, adaptable service interaction.\\nAn ESB is used to connect the service requester to the servic e provider so that messages \\ncan be routed between the two platforms. The ESB is a collection of software components that manage messaging from one part of the network to another. The ESB handles \\nmismatches between the requesters and providers, including protocol, interface, or quality of service mismatches.\\n Chapter 2. Enabling seamless and secure integration inside and outside of the enterprise 43The ESB processes messages exchanged between the service endpoints (Figure 2-11). In \\ncontrast with regular business application components, the ESB is concerned with the flow of the messages through the infrastructure and not just with the business content of the messages. Rather than performing busine ss functions, the ESB performs mediation \\ncapabilities including, routing,  transformation, and logging operations on the messages.\\nFigure 2-11   Messages exchang ed between the service endpoints\\nInterposing the ESB between partic ipants enables you to modulat e their interaction through a \\nlogical construct called a mediation . Mediations operate on messages in-flight between \\nrequesters and providers. For example, mediat ions can be used to find services with specific \\ncharacteristics that a requester is asking for, or to resolve interface differences between requesters and providers. For complex interactions, mediations can be chained sequentially.\\nAn enterprise service bus, with mediations, pe rforms the following actions between requester \\nand service:\\n/SM590000\\nRouting  messages between services. An enterprise service bus offers a common \\ncommunication infrastructure that can be used to connect services, and thereby the business functions they represent, without the need for programmers to write and maintain complex connectivity logic.\\n/SM590000\\nConverting  transport protocols between requester and service. An enterprise service bus \\nprovides a consistent, standards-based way to integrate business functions that use \\ndifferent IT standards. It enables integration of business functions that cannot normally communicate, such as to connect applications in departmental silos or to enable applications in different companies to  participate in service interactions.\\n/SM590000\\nTransforming  message formats between requester and service. An enterprise service bus \\nenables business functions to exchange information in different formats, with the bus ensuring that the information delivered to a business function is in the format required by that application. \\n/SM590000\\nHandling  business events from disparate sources. An enterprise service bus supports \\nevent-based interactions in addition to the message exchanges to handle service requests.\\nHybrid ESB:  One difference between medium and large enterprises is that, as described \\nin 2.3.4, “IBM ESB pr oducts” on page 36, some large or ganizations use more than one \\nESB technology to create a hybrid ESB as required by differences in geography, \\ntechnology, or for other reasons. \\n 44 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions © Copyright IBM Corp. 2012. All rights reserved. 45Chapter 3. Connecting with your partners \\nand managing your \\ncommunication\\nIn this chapter, we discuss typical scenarios for a company to exchange business data with \\ntrading partners. Several possible implementations are considered and described, depending on the business requirements. We also discuss managing exchanged business data.\\nThis chapter includes the following sections:\\n/SM5900003.1, “What are the business requirements?” on page 46\\n/SM5900003.2, “Typical scenarios and implementation” on page 46\\n/SM5900003.3, “Product information” on page 583 46 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions3.1  What are the business requirements?\\nThe scenarios that we discuss in this chapter take the following business requirements into \\nconsideration:\\n/SM590000Operation and performance characteristics, including these factors:\\n– Onboarding partners:\\n\\x81 The configuration necessary for onboarding an external trading partner\\n\\x81 The need for installing a software on an external trading partner environment\\x81 The external trading partner skill to  deploy and configure any software\\n\\x81 Any outsourced services\\x81 The number of external trading partners\\n– Operation and performance:\\n\\x81 The need for encrypting data exchange\\n\\x81 The need for doing data exchange without manual intervention\\x81 How often the data exchange occurs\\x81 The different file sizes that must be accommodated\\x81 The data exchange performance necessary to satisfy processing windows\\x81 Triggering processing after the data has been received\\n/SM590000Managing data exchange, including these factors:\\n– Being able to get a warning if the connection or transmission fails\\n– Being able to define what data exchange should happen. when it needs to happen, and \\nget a warning if it does not occur\\n– Being able to troubleshoot any problem from a central location\\n3.2  Typical scenarios  and implementation\\nThis section describes some sample scenario s showing different possible implementations \\nfor business data exchange and monitoring of the environment. \\n3.2.1  Sample scenario: IBM Sterling File Gateway\\nThe scenario described in this section has the following assumptions:\\n/SM590000There are external trading partners (represented by Company A). \\n/SM590000There is a centralized location to which all external trading partners communicate \\n(represented by Company B). \\nScenario requirements\\nIt is assumed that Company B has the following needs when communicating to external trading partners (Company A):\\n/SM590000Onboarding an external trading partner must require minimum configuration.\\n/SM590000There is no need to install any software on the external trading partner environment.\\n/SM590000Some external trading partners might not ha ve personnel who are skilled to deploy or \\nconfigure any software.\\n/SM590000Several different protocols need to be available to adapt to different external trading \\npartners requirements. Chapter 3. Connecting with your partners and managing your communication 47/SM590000Existing software on the external trading partners environment must be accepted \\nwhenever possible.\\n/SM590000Different file sizes and amounts must be accommodated.\\n/SM590000It is necessary to stage data sent to some external trading partners.\\n/SM590000Data processing needs to be automated when received from an external trading partner.\\nScenario implementation\\nIBM Sterling File Gateway can be used to satisfy the needs of Company B in the ways \\ndescribed in the following sections.\\nOnboarding an external trading partner must require minimum configuration\\nWith IBM Sterling File Gateway, you can use easy-to-user graphical user interface to onboard partners and configure the various combinations of communication protocols to enable Sterling File Gateway operation. In this scenario, a new external trading partner (Company A) definition needs to be created. Previous definition templates can be reused.\\nThere is no need to install any software on the external trading partner \\nenvironment\\nIBM Sterling File Gateway provides a myFileGateway application that runs from a \\nWebBrowser. From within myFileGateway, external trading partners can do these tasks:\\n/SM590000Upload or download files\\n/SM590000Search for routes in which they participated\\n/SM590000View recent activity and status for file transfers in which they participated\\n/SM590000Generate reports for activity in which they participated\\n/SM590000Change their password\\n/SM590000Subscribe to notifications\\nSeveral different protocols must be available to adapt to the requirements of \\ndifferent external trading partners\\nIBM Sterling File Gateway uses a wide range of  protocols going into an external trading \\npartner (Company A) server. These protocols are described in Table 3-1.\\nTable 3-1   Supported protocols by IBM Sterling File Gateway\\nProtocol Encryption Business Purpose\\nFTP/S SSL Widely available, easy to configure.SFTP SSH/SFTP Widely available, easy to configure.\\nSFTP SSH/SCP SSH/SCP provides an alternative means to exchange information with \\ntrading partners who do not have SFTP clients. The SFTP Server \\nadapter enables trading partners with SCP clients to exchange files with Application Mailboxes. To the external  users, the Mailbox is a directory \\non which the user has privileges.\\nHTTP/S SSL Supports application myFileGateway.\\nConnect:DIrect SSL/TLS\\nSTSConnect:Direct uses a proprietary high performance protocol. 48 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsExisting software on external trading partners must be accepted whenever \\npossible\\nIf Company A already has an IBM Sterling Connect:Direct Server or a Sterling B2B Integrator \\nConnect:Direct Adapter, it can be used to communicate to Sterling B2B Integrator Sterling File Gateway Connect:Direct Server adapter.\\nDifferent file sizes should be accommodated\\nIf it is necessary for Company A (external trading partners) and Company B to exchange large size files and/or big amounts of files or they have a small processing window that other protocols could not meet, or need to exchange data without manual intervention, then IBM Sterling Connect:Direct could be used. See 3.2.2, “Sample scenario: IBM Sterling Connect:Direct” on page 50 below. IBM Sterling File Gateway supports Connect:DIrect protocol, as shown in Table 3-1 on page 47.\\nNeed to stage data sent to some external trading partners\\nIf Company A (external trading partners) are not available when Company B has data to send the data can be stored on Sterling B2B Integrator Mailbox. Next time Company A initiates a connection the data can be retrieved from Mailbox.\\nNeed to automate data processing when received from an external trading \\npartner\\nYou have several options when integrating mailboxes with the rest of the application. \\nThe most commonly used option is integrating the mailboxes with business processes. There \\nare two primary methods you can use:\\n/SM590000Invoking the Mailbox services from a business process.\\n/SM590000Specifying an application business process using a routing rule.\\nSee the following websites for more details:\\nhttp://help.sterlingcommerce.com/SB2BI52/topic/com.ic.customization.doc/SI_52_PDF/\\nSI52_Mailbox_31923_22331.pdf\\nhttp://help.sterlingcommerce.com/SFG22/topic/com.ic.customization.doc/SFG22_Overvi\\new.pdfTip: IBM Sterling Connect:Direct supports several features providing a very high \\nperformance: multi-sessions, sessions retry, checkpoint/restart/ compression. Chapter 3. Connecting with your partners and managing your communication 49Scenario details\\nFigure 3-1 describes this scenario.\\nFigure 3-1   Sample IBM Sterling File Gateway scenario   Company A (Trading Partner)                DMZ                                  Company B\\n2Firewalls\\nCompany A \\ninitiates connection to \\nCompany BSterling\\nB2B\\nIntegrator\\nFTP/S or SFTP\\nclient\\nSterling \\nFile GatewayWebBrowser to\\nmyFileGateway FTP/S or SFTP\\nserver (1)\\nHTTP or HTTP/S\\nserver Sterling\\nSecure\\nProxy (2)\\nCompany A\\naccepts connection fromCompany B\\nFTP/S or SFTP\\nclient\\n (3)\\nFTP/S or SFTP\\nserverHTTP or HTTP/S\\nclient (4)\\nHTTP or HTTP/S\\nserver\\nConnect:DIrect\\nServer\\nAdapter\\nCompany A\\ninitiates or accepts\\nconection to/fromCompany B\\nIBM Sterling\\nConnect:Direct\\nserver (5) 50 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsThis scenario has the following assumptions:\\n/SM590000External trading partners (Company A) are placed outside of the DMZ.\\n/SM590000Sterling Secure Proxy is placed inside the DMZ.\\n/SM590000Company B is placed internal to the DMZ.\\nThe following text describes the flow of this scenario:\\n1. Arrow (1): An FTP/S or SFTP session initiated by external trading partners (Company A), \\ntraversing through Sterling Secure Proxy and reaching Sterling File Gateway FTP/S or SFTP server.\\n2. Arrow (2): An HTTP or HTTP/S session initiated by external trading partners (Company \\nA), using myFileGateway application, traversing through Sterling Security Proxy and reaching Sterling File Gateway HTTP or HTTP/S server.\\n3. Arrow (3): An FTP/S or SFTP  session initiated by Company B, traversing through Sterling \\nSecure Proxy and reaching external trading partners (Company A) FTP/S or SFTP server.\\n4. Arrow (4): An HTTP or HTTP/S session initiated by Company B, traversing through \\nSterling Secure Proxy and reaching external trading partners (Company A) HTTP or HTTP/S server.\\n5. Arrow (5): A session initiated either by external trading partners) Company A or Company \\nB, traversing through Sterling Secure Proxy. The participants of this session are external trading partners (Company A) IBM Sterling Connect:Direct server and Company B Sterling B2B Connect:Direct Server adapter.\\n3.2.2  Sample scenario: IBM Sterling Connect:Direct \\nThe scenario described in this section has the following assumptions:\\n/SM590000There are external trading partners (represented by Company A). \\n/SM590000There is a centralized location to which all external trading partners communicate \\n(represented by Company B). \\nScenario requirements\\nIt is assumed that Company B has the following needs when communicating to external trading partners (Company A):\\n/SM590000High volume data is exchanged with high number of files or very large files with high \\nperformance.\\n/SM590000High performance is required.\\n/SM590000Data exchange occurs without manual intervention.\\n/SM590000Detailed logging of data exchange operations is done.\\n/SM590000There is a need to automate data processing after it has been received from an external \\ntrading partner. Chapter 3. Connecting with your partners and managing your communication 51Scenario implementation\\nIBM Sterling Connect:Direct or the IBM Sterling B2B Connect:Direct Server Adapter can be \\nused to satisfy the following needs of Company B.\\nHigh volume data is exchanged, high number of files, or very large files with \\nhigh performance\\nIBM Sterling Connect:Direct supports several features providing very high performance: \\nmulti-sessions, sessions retry, checkpoint/restart/ compression, and data exchange without manual intervention. With IBM Sterling Connect:Direct, there is no limit on the file size to be transferred. IBM Sterling Connect:Direct supports FileAgent to automate data exchange operations. See the IBM Sterling Connect:Direct File  Agent Configuration Guide at the \\nfollowing website for more information:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/File%20Agent/\\nCD%20FileAgent14/CDFAConfigGuide.pdf\\nData exchange without manual intervention\\nIBM Sterling B2B Connect:Direct Server Adapter operations can be triggered from within a Business Process without manual intervention.\\nDetailed logging of data exchange operations\\nIBM Sterling Connect:Direct statistics log every operation in detail. In general, the same information exists on the statistics of both IBM Sterling Connect:Direct instances that had communicated. IBM Sterling B2B Connect:Direct Server adapter generates Business Process statistics.\\nNeed to automate data processing after it has been received from an external \\ntrading partner\\nIBM Sterling Connect:Direct exits or Process Language can be used to automate the \\nprocessing of data received from an external trading partner\\nFor more information, see the  IBM Sterling Connect:Direct Process Language Reference \\nGuide  at this website:\\nhttp://www.sterlingcommerce.com/Documentation/Processes/CDProcessesLanguageRefGuid\\ne.pdf\\nIBM Sterling B2B Connect:Direct Server adapter can use Sterling File Gateway Mailbox \\nservices to automate the processing of data received from an external trading partner. 52 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsScenario details\\nFigure 3-2 describes this scenario.\\nFigure 3-2   Sample IBM Sterling Connect:Direct scenario/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23\\n/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##40He56442409eb2e77ad61dd1c271fabe6c/##43Hd27e308598cf1f8bcf9e336036f3f448/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23/##46H7a539460a8268e5915c0973dbb05dce1\\n/;#23/;#23/;#23/;#23/;#23\\n/;#23/;#23/;#23/;#23/;#23/;#23/;#23/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4CH2eb0c8ba15de4cce8fa3c169622f8e93/;#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/##4FHabe68123f3cb4e14e0d59c97044fedf7/##52H929f5141f4575eca8d5e4ef21356227f\\n/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23\\n/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##52H929f5141f4575eca8d5e4ef21356227f/;#23/;#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##52H929f5141f4575eca8d5e4ef21356227f\\n/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23/;#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23/##58Hb981034091b194e41ef5193e7127dfd3/##5BH40500acfd45bb67052e9c43dd051a0f4/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23/;#23#23#23#23\\n/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23/##46H7a539460a8268e5915c0973dbb05dce1\\n/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/g32/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4CH2eb0c8ba15de4cce8fa3c169622f8e93/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23\\n/g33/##46H7a539460a8268e5915c0973dbb05dce1/##40He56442409eb2e77ad61dd1c271fabe6c/;#23/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g34/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g35/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23/;#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g34/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g35/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23\\n/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/g36/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23/g37/;#23#23#23#23#23#23#23#23/;#23/;#23/;#23#23#23#23#23#23#23#23#23#23/g38/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23/;#23#23#23#23#23#23#23#23#23#23/g39/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g33/##46H7a539460a8268e5915c0973dbb05dce1/##40He56442409eb2e77ad61dd1c271fabe6c/;#23/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g34/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g35/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23\\n/g40/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g41/g31/;#23#23#23#23#23/g42/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##40He56442409eb2e77ad61dd1c271fabe6c/g43/;#23/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23#23#23#23#23#23/g44/;#23/;#23/;#23#23#23#23#23#23#23#23#23#23/g45/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23/;#23/;#23#23#23#23#23#23#23#23#23#23/g46/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g40/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g41/g31/;#23#23#23#23#23/g42/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##52H929f5141f4575eca8d5e4ef21356227f/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##46H7a539460a8268e5915c0973dbb05dce1/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23/g47/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23/;#23#23#23#23#23#23#23#23#23#23/g48/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##49H7d5c40f4f2638829db6b707b7e9400a3/g33/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 Chapter 3. Connecting with your partners and managing your communication 53This scenario has the following assumptions:\\n/SM590000External trading partners (Company A) are placed outside the DMZ.\\n/SM590000Sterling Secure Proxy is placed inside the DMZ.\\n/SM590000Company B is placed internal to the DMZ.\\nHere we describe the flow of this scenario:\\n1. Arrow (1): A session initiated either by external trading partners) Company A or Company \\nB, traversing through Sterling Secure Proxy. The participants of this session are external trading partners (Company A) IBM Sterling Connect:Direct server and Company B IBM Sterling B2B Connect:Direct Server adapter \\n2. Arrow (2): A session initiated either by external trading partners) Company A or Company \\nB, traversing through Sterling Secure Proxy. The participants of this session are external trading partners (Company A) IBM Sterling Connect:Direct server and Company B IBM Sterling Connect:Direct server.\\n3. Arrow (3): A session initiated by Company B in ternal to the DMZ. The participants of this \\nsession are Company B IBM Sterling Connect:Direct server and Company B IBM Sterling B2B Connect:Direct Server adapter. This session is shown to represent a possible connectivity internal to Company B.\\n4. Arrow (4): A session initiated by Company B in ternal to the DMZ. The participants of this \\nsession are Company B IBM Sterling Connect:Direct server and Company B WebSphere MQ FTE. This session is shown to represent a possible connectivity internal to Company \\nB.\\n5. Arrow (5): A session initiated by Company B in ternal to the DMZ. The participants of this \\nsession are Company B IBM Sterling Connect:Direct server and Company B WebSphere Message Broker. This session is shown to represent a possible connectivity internal to Company B.\\n3.2.3  Sample IBM Sterling Control Center scenario\\nThe scenario described in this section has the following assumptions:\\n/SM590000There are external trading partners (represented by Company A). \\n/SM590000There is a centralized location to which all external trading partners communicate \\n(represented by Company B).  54 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsScenario requirements\\nIt is assumed that Company B has the following needs when communicating to external \\ntrading partners (Company A):\\n/SM590000Any failure in a data exchange will be  immediately detected and notified.\\n/SM590000Any planned data exchange th at does not occur will be notified before their Service Level \\nAgreement (SLA) is not met.\\n/SM590000Availability of a centralized console with nece ssary data to determine problem cause or \\nbegin problem determination.\\nScenario implementation\\nIBM SterlingControl Center can be used to satisfy Company B needs as described below.\\nAny failure in a data exchange will be immediately detected and notified\\nIBM Sterling Control Center manages IBM Sterling File Gateway and IBM Sterling Connect:Direct. Y ou can define rules to follow up any data exchange operation that are critical to some SLA or processing window. Any failure  in those operations will be immediately \\nnotified.\\nAny planned data exchange that does not occur will be notified before their \\nService Level Agreement (SLA) is not met\\nService Level Criteria (SLC) can be defined for any planned data exchange that is critical to \\nsome SLA or processing window. If the plan ned data exchange fails or does not occur a \\nnotification will be sent.\\nAvailability of a centralized console with necessary data to determine problem \\ncause or begin problem determination\\nIBM Sterling Control Center gathers data about data exchange operations that can be \\naccessed by their local or remote consoles. IBM Sterling Control Center can also be used to configure IBM Sterling Connect:DIrect servers.\\nFor more information, see IBM Sterling Control Center System Administration Guide at this \\nwebsite:\\nhttp://www.sterlingcommerce.com/documentation/SCC53/PDF/SystemAdministration.pdf Chapter 3. Connecting with your partners and managing your communication 55Scenario details\\nFigure 3-3 describes this scenario.\\nFigure 3-3   Sample IBM Sterling Control Center scenario Company A (Trading Partner)             DMZ                                       Company B\\nFirewalls\\nCompany A\\ninitiates or accepts\\nconection to/fromCompany BSterling\\nB2BIntegrator\\nFTP/S or SFTP\\nclient or\\nserver\\nSterling\\nFile Gateway\\n (1)\\nHTTP or HTTP/S\\nclient or \\nserverConnect:Direct\\nServer\\nAdapterSterling\\nSecureProxy  (2)\\n (3)\\nFIleAgent\\nIBM Sterling\\nConnect:Direct\\nserverIBM Sterling\\nConnect:Direct\\nserver (5)\\n (4)\\nIBM Sterling\\nControl Center (1)\\n (2) 56 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsThis scenario has the following assumptions:\\n/SM590000External trading partners (Company A) are placed outside the DMZ.\\n/SM590000Sterling Secure Proxy is placed inside the DMZ.\\n/SM590000Company B is placed internal to the DMZ.\\nHere we describe the flow of this scenario:\\n1. Arrow (1) represents:\\n– An FTP/S or SFTP session initiated by external trading partners (Company A), \\ntraversing through Sterling Security Proxy and reaching Sterling File Gateway FTP/S or SFTP server.\\n– An HTTP or HTTP/S session initiated by ex ternal trading partners (Company A), using \\nmyFileGateway application, traversing through Sterling Security Proxy and reaching Sterling File Gateway HTTP or HTTP/S server.\\n– An FTP/S or SFTP session initiated by Comp any B, traversing through Sterling Secure \\nProxy and reaching external trading part ners (Company A) FTP/S or SFTP server.\\n– An HTTP or HTTP/S session initiated by Company B, traversing through Sterling \\nSecure Proxy and reaching external trading  partners (Company A) HTTP or HTTP/S \\nserver.\\n2. Arrow (2) represents:\\n– A session initiated by external trading partners (Company A) traversing through \\nSterling Secure Proxy and reaching Company B Sterling B2B Integrator Connect:Direct Server Adapter.\\n– A session initiated by external trading partners (Company A) traversing through \\nSterling Secure Proxy and reaching Company B IBM Sterling Connect:Direct Server.\\n3. Arrow (3) represents an internal session between Company B Sterling B2B Integrator \\nConnect:Direct Server Adapter and Company B IBM Sterling Connect:Direct Server.\\n4. Arrow (4) represents IBM Sterling Control Center managing Company B IBM Sterling \\nConnect:Direct Server operations.\\n5. Arrow (5) represents IBM Sterling Control Center managing Company B IBM Sterling B2B \\nintegrator operations.\\n3.2.4  Sample IBM Sterling B2B Cloud Services scenario\\nIBM Sterling B2B Cloud Services fill a void in th e portfolio of on-premise software products by \\nintroducing software solutions ranging from on-demand to fully managed services, providing customers with the flexib ility to quickly adapt as their busi ness needs change and evolve. And \\nthe hybrid strategy of providing a combination of software on-premise and services in the cloud provides customers secure connectivity and collaboration with 100% of their business partners.  Chapter 3. Connecting with your partners and managing your communication 57See Figure 3-4 for details.\\nFigure 3-4   Sample IBM Sterling B2B Cloud Services scenario\\nSample scenarios of adoption of IBM Sterling B2B Cloud Services are described in detail in \\nChapter 8, “IBM Sterling B2B Cloud Service scenarios” on page 313. Customers benefit from adopting the cloud services to meet the following business requirements:\\n/SM590000Reduce the time and complexity of securely and flexibly integrating 100% of partner \\ncommunities, having little operational impact on IT staff.\\n/SM590000Rely on a highly scalable platform and elastic resource capacity to grow and shrink as \\nneeded, responding to dynamic business needs.\\n/SM590000Accelerate the ROI of B2B projects and use th eir internal resources where they need them \\nmost, and use outsourced services instead of establishing complex expertise in house.\\n/SM590000Provide centralized visibility into actionable  information across key IT and business \\nprocesses.\\n3.2.5  Sample WebSphere DataPower B2B Appliances XB62 scenario\\nIn this section, we provide an overview of a banking integration scenario. In this case, we \\nimplement a one-way flow, which corresponds with an incoming payment from the hub Enterprise Resource Planning (ERP) system, that needs to be sent to a specific banking partner. A message comes through the DataPower device by WebSphere MQ (WMQ) queues and performs a message transformation to XML. This XML is then wrapped in AS3 and then sent to the specific partner’s backend. The DataPower device then waits for an asynchronous AS3 Message Disposition Notification (MDN) befo re the transaction is treated as complete.\\nAll the messages between the partner and the provider are exchanged in encrypted format \\nand signed as a consequence of the assumed trading manager agreement.\\n 58 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsFigure 3-5 shows the flow from a high-level perspective.\\nFigure 3-5   Scenario overview\\nMore details of this scenario and implementation details can be found in IBM WebSphere \\nDataPower B2B Appliance XB60 Revealed , SG247745.\\n3.3  Product information\\nIn this section, we describe the products used in the scenarios described in this chapter.\\n3.3.1  IBM Sterling File Gateway\\nIBM Sterling FIle Gateway is an application for transferring files between partners using \\ndifferent protocols, file naming conventions, and file formats. It runs as an application on IBM Sterling B2B Integrator, to wh ich it is fully integrated. \\nY ou can see the Sterling File Gateway Overview document at this website:\\nhttp://help.sterlingcommerce.com/SFG22/topic/com.ic.customization.doc/SFG22_Overvi\\new.pdfDataPower B2B Appliance\\nTrading Partner \\nB2B Gateway \\n(Banking Partner)DataPower B2B \\nAppliance\\n(B2B Gateway \\nService)DataPower B2B \\nAppliance\\n(Multi Protocol \\nGateway)ERP system\\nPayment \\nprocessing \\n(XML)Package the EDIX12 835 \\nin AS2 and apply security \\nbased on the Trading \\nPartner AgreementXML AS3 / XML\\nAS3 MDN Receive the AS3 \\nMDN and correlate to \\noutbound message \\nfor viewing purposesFlat File Payment\\nThe file is transformed from flat file  to XML in a \\n“Transform Binary” \\naction  and sent to the \\nB2B Gateway service for \\nAS3 routingThe back-end application \\ngenerates the Payment Lot \\n( Flat File)  and sends it to \\nthe DataPower XB60 \\ndeviceUsing AS3 for \\nERP Processing Transaction Flow over XMLInternet Chapter 3. Connecting with your partners and managing your communication 59IBM Sterling File Gateway features\\nIBM Sterling File Gateway has the following features:\\n/SM590000File/File name Transformations: Mapping of input to output file names, system-wide, \\ngroup, and partner-specific policies; co mmon file processi ng tasks such as \\ncompression/decompression, PGP encr yption/decryption, and signing.\\n/SM590000File Transfer Visibility: Events  are recorded for monitoring a nd reporting; det ailed tracking \\nfor input-output f ile structure processing and dynamic route determination;  ability to view \\nand filter Sterling File Gate way data flows for all users.\\n/SM590000Replay/Redeliver: One-click replay/redeliver capability that allows users to reprocess a \\ntransmission from the beginning or to resend just the processed file to a specify delivery destination.\\n/SM590000Notifications: Partners and operators can subscribe to be notified about events by emails.\\n/SM590000Predefined business processes: Define common behaviors in file-transfer scenarios, \\nreducing the need for customization.\\n/SM590000Extensibility: Custom event code s, protocols, facts, and co nsumer identification policies \\ncan be added to support unique scenarios.\\n/SM590000Broad communications Protocol Support: FTP , FTP/S, SSH/SFTP , SSH/SCP , and Sterling \\nConnect:Direct are supported upon installation , and additional prot ocols (such as AS2, \\nAS3, or Odette FTP) can be configured through use of the extensibility feature.\\n/SM590000Partner Interface (myFileGateway): Web browser-based interface that enables partners to \\nupload/download files, subscribe to notifications of events, manage passwords, search and view file transfer activity, and generate reports about file transfer activity.\\n/SM590000Flexible Mailbox Structures: Ab ility to specify mailbox struct ures that leverage pattern \\nmatching policies and specify attributes that must be true of all partners or a subset of partners.\\n/SM590000Dynamic Routing: Consumer derived at run-time, either through mailbox structure, file \\nname, business process-derived consumer name, or map-derived consumer name.\\n/SM590000Partner Onboarding: Easy-to-user graphical user interface to onboard partners and \\nconfigure the various combinations of communication protocols to enable Sterling File Gateway operations.\\nIBM Sterling File Gateway integrati on with IBM Sterling B2B Integrator\\nSterling File Gateway utilizes the Sterling B2B fo undation. Administrative functions such as \\ncreating and managing user accounts, permission groups, and security keys for Sterling File Gateway are handled in Sterling B2B Integrator.\\nSterling File Gateway utilizes the communication  adapters of Sterling B2B Integrator, which \\ninclude the following adapters:\\n/SM590000FTP Server adapter\\n/SM590000FTP Client adapter\\n/SM590000SFTP Server adapter\\n/SM590000SFTP Client adapter\\n/SM590000HTTP Server adapter\\n/SM590000HTTP Client adapter\\n/SM590000Connect:Direct Server adapter\\n/SM590000Command Line adapter 2 (for PGP) 60 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsIBM Sterling File Gateway W eb Application myFileGateway\\nSterling File Gateway provides a Web Application named myFileGateway that can be used to:\\n/SM590000Upload or download files\\n/SM590000Search for routes in which they participated\\n/SM590000View recent activity and status for file transfers in which they participated \\n/SM590000Generate reports for activity in which they participated \\n/SM590000Change their password\\n/SM590000Subscribe to notification\\nIBM Sterling File Gateway Mailboxes\\nMailboxes can be used to stage date passing between internal systems and trading partners. \\nWhenever data is produced when trading partners are not available to receive it, or trading partners send data that cannot be immediately processed, Mailboxes can be used to store data until it can be retrieved.\\nRouting is another important f eature of Mailboxes. R outing provides Mailb oxes with the ability \\nto automate the processing of data received from trading partners.\\nIBM Sterling File Gateway integrati on with IBM Sterling Secure Proxy\\nIBM Sterling Secure Proxy can be deployed in a DMZ between IBM Sterling File Gateway and \\ntrading partners, as shown in Figure 3-6.\\nFigure 3-6   IBM Sterling File Gateway in tegration with IBM Sterling Secure Proxy/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##40He56442409eb2e77ad61dd1c271fabe6c/##43Hd27e308598cf1f8bcf9e336036f3f448 /;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23 /##46H7a539460a8268e5915c0973dbb05dce1\\n/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4CH2eb0c8ba15de4cce8fa3c169622f8e93 /;#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/##4FHabe68123f3cb4e14e0d59c97044fedf7/##52H929f5141f4575eca8d5e4ef21356227f\\n/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##52H929f5141f4575eca8d5e4ef21356227f\\n/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/##58Hb981034091b194e41ef5193e7127dfd3/##5BH40500acfd45bb67052e9c43dd051a0f4/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23\\n/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23 /##46H7a539460a8268e5915c0973dbb05dce1\\n/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/g32/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4CH2eb0c8ba15de4cce8fa3c169622f8e93/;#23#23#23#23#23/;#23#23#23#23#23#23#23/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##58Hb981034091b194e41ef5193e7127dfd3/g31 /;#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/g31/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##55H86fa5259cb141e4f33f834c08eacfe53/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23\\n/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g33/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/g34/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/g35/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/g36/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23/;#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g37/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g33/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/g38/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g39/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/g39/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##58Hb981034091b194e41ef5193e7127dfd3/g31\\n/##55H86fa5259cb141e4f33f834c08eacfe53/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23\\n/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g33/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/g40/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/g41/##46H7a539460a8268e5915c0973dbb05dce1/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23#23#23#23#23#23/g31/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23/;#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g37/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g33/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g42/g35/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7\\n/;#23#23#23#23#23#23#23#23#23/g34/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/g43/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23\\n/##52H929f5141f4575eca8d5e4ef21356227f/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g33/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/g44\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/g45/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/g46/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 Chapter 3. Connecting with your partners and managing your communication 61The following list explains the flow in this scenario:\\n1. Arrow (1): Any session initiated by external trading partners (Company A) reaching \\nSterling Secure Proxy. These sessions can be initiated by external trading partners (Company A) FTP/S, SFTP , HTTP or HTTP/s client or server or an IBM Sterling Connect:Direct server.\\n2. Arrow (2): Any session initiated by Company B) reaching Sterling Secure Proxy. These \\nsessions can be initiated by Company B Sterling File Gateway FTP/S, SFTP , HTTP or HTTP/s client or server or an IBM Sterling Connect:Direct Server Adapter. \\n3. Arrow (3): Indicates use of an External Authentication server by Sterling Secure Proxy.4. Arrow (4): Indicates use of an External Authentication server by Sterling B2B Integrator.\\n5. Arrow (5): Indicates use of LDAP by External Authentication server.\\nFor more information, see IBM Sterling Secure Proxy Planning and Installation  at:\\nhttp://help.sterlingcommerce.com/SSP34/index.jsp\\nIBM Sterling File Gateway integrati on with IBM Sterling Control Center\\nIBM Sterling Connect:Direct can be monitored by IBM Sterling Control Center, as shown in \\nFigure 3-7.\\nFigure 3-7   IBM Sterling File Gateway in tegration with IBM St erling Control Center/;#23/;#23/;#23 /;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23 /;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23 /;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23 /;#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##43Hd27e308598cf1f8bcf9e336036f3f448/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23/;#23#23#23/;#23#23#23#23#23#23#23/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##40He56442409eb2e77ad61dd1c271fabe6c\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##46H7a539460a8268e5915c0973dbb05dce1/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/##49H7d5c40f4f2638829db6b707b7e9400a3/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4CH2eb0c8ba15de4cce8fa3c169622f8e93/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23#23/;#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23\\n/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##52H929f5141f4575eca8d5e4ef21356227f/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##43Hd27e308598cf1f8bcf9e336036f3f448/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##58Hb981034091b194e41ef5193e7127dfd3/##5BH40500acfd45bb67052e9c43dd051a0f4/;#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##52H929f5141f4575eca8d5e4ef21356227f/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##4FHabe68123f3cb4e14e0d59c97044fedf7/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##43Hd27e308598cf1f8bcf9e336036f3f448/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/g31/;#23#23#23#23#23#23#23#23#23#23#23#23/g32 /;#23/;#23/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##43Hd27e308598cf1f8bcf9e336036f3f448/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23/;#23/;#23/g33/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23/;#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##40He56442409eb2e77ad61dd1c271fabe6c\\n/##46H7a539460a8268e5915c0973dbb05dce1/g34/g32/g35/;#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23/;#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/##46H7a539460a8268e5915c0973dbb05dce1/g34/g32\\n/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##43Hd27e308598cf1f8bcf9e336036f3f448/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/##55H86fa5259cb141e4f33f834c08eacfe53/;#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23/g36/;#23#23#23#23#23#23/##40He56442409eb2e77ad61dd1c271fabe6c/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23\\n/;#23#23#23#23#23\\n/;#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23/;#23#23/;#23#23#23/;#23#23#23#23#23#23#23 /;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23\\n/;#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23/;#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23#23 62 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsFor more information, see the Monitoring with Ster ling Control Center  manual at this website:\\nhttp://help.sterlingcommerce.com/SB2BI52/topic/com.ic.customization.doc/SI_52_PDF/\\nSI52_SCC.pdf\\n3.3.2  IBM Sterling Connect:Direct\\nIBM Sterling Connect:DIrect provides a high performance file based information exchange solution. It can exchange high volume of files between several different platforms. IBM Sterling Connect:Direct is suitable for exchanging files of any sizes and any type that the underlying operating system supports. The number of files exchanged in a time period depends on the hardware resources available. IBM Sterling Connect:Direct can scale up to support larger amounts of data exchange without the need for an extensive reconfiguration.\\nIBM Sterling Connect:Direct is a peer-to-peer solution. An IBM Sterling Connect:Direct \\ninstance communicates to another IBM Sterling Connect:DIrect instance installed at any supported platform or to a Sterling Connect:Direct Server Adapter instance running under an IBM Sterling B2B Integrator.\\nIBM Sterling Connect:Direct supports the following features:\\n/SM590000File-based information exchange is assured: A proprietary protocol guarantees file \\nintegrity.\\n/SM590000Multi-sessions: Several sessions can take place with one or several remote IBM Sterling \\nConnect:Direct instances simultaneously.\\n/SM590000Security: Exchanges occurs integrated with the underlying Operating System security.\\n/SM590000Compression: Compressing data improves performance on low speed lines.\\n/SM590000Encryption: Guarantees authentication, data integrity, and confidentiality.\\nFor more information, see the IBM Sterling Connect:Direct Product Overview  manual at this \\nwebsite:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/Common/CDOver\\nview.pdf\\nIBM Sterling Connect:Direct also has integrations with two additional IBM products:\\n/SM590000WebSphere MQ File Transfer Edition\\n/SM590000WebSphere Message Broker\\nWebSphere MQ File Transfer Ed ition: Connect:Direct bridge\\nWebSphere MQ File Transfer Edition transfers files between systems in a managed and \\nauditable way, regardless of file size or the operating systems used.\\nY ou can use WebSphere MQ File Transfer Edition to build a customized, scalable, and \\nautomated solution that enables you to manage, trust, and secure file transfers. WebSphere MQ File Transfer Edition elim inates costly redundancies, lowers maintenance costs, and \\nmaximizes your existing IT investments.\\nWebSphere MQ File Transfer Edition is built on WebSphere MQ, which provides assured, \\nonce-only delivery of messages between applications. Y ou can take advantage of various features of WebSphere MQ. For example, you can use channel compression to compress the data that you send between agents over WebSphere MQ channels and use SSL channels to secure the data that you send between agents. Files are transferred reliably and can tolerate the failure of the infrastructure over which the file transfer is carried out.  Chapter 3. Connecting with your partners and managing your communication 63From Version 7.0.4 of WebSphere MQ File Transfer Edition, you can transfer files to and from \\nan existing IBM Sterling Connect:Direct network. Use the Connect:Direct bridge (Figure 3-8), which is a component of WebSphere MQ File Transfer Edition, to transfer files between WMQFTE and IBM Sterling Connect:Direct.\\nFigure 3-8   Connect:Direct bridge\\nInformation about “The Connect:Direct bridge” can be found at the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmqfte/v7r0/topic/com.ibm.wmqfte.doc/cd_b\\nridge_overview.htm\\nInformation about “Configuring the Connect:Direct bridge” can be found at the following \\nwebsite:\\nhttp://publib.boulder.ibm.com/infocenter/wmqfte/v7r0/topic/com.ibm.wmqfte.doc/cd_b\\nridge_configure.htm\\nWebSphere Message Broker: CD Nodes\\nWebSphere Message Broker support for IBM Sterling Connect Direct is introduced in WebSphere Message Broker 7.0.0.4 using APAR IC75621. More details about this APAR can be found at the following website:\\nhttp://www-01.ibm.com/support/docview.wss?uid=swg1IC75621\\nThis feature will also be released in WebSphere Message Broker V8. \\nY ou can use the CDInput node in any flow that is designed to accept files from a IBM Sterling \\nConnect:Direct network. Y ou can use the CDInput node to extend WebSphere Message Broker support for file processing through its integration with IBM Sterling Connect:Direct.\\nOn z/OS, when the CDInput node receives notification of the arrival of a dataset that it should \\nprocess, the node copies that dataset into UNIX System Services temporarily, prior to processing.\\n 64 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsThe CDInput node is contained in the File drawer of the palette, and is represented in the \\nWebSphere Message Broker Toolkit by the following icon (Figure 3-9):.\\nFigure 3-9   CDInput node\\nY ou can read more about CDInput node from the InfoCenter at the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/topic/com.ibm.etools.mft.d\\noc/bc14020_.htm\\nY ou can use the CDOutput node to serialize the message tree to a file and then transfer it \\nbetween two Connect:Direct servers. A directory under the work path within the execution group is used as the staging area, until the file is ready to be transferred.\\nAfter the file is transferred, it is deleted from the staging area. The CDOutput node is \\ncontained in the File drawer of the palette, and is represented in the WebSphere Message Broker Toolkit by the following icon (Figure 3-10):\\nFigure 3-10   CDOutput node\\nY ou can read more about CDOutput node from the InfoCenter at the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/topic/com.ibm.etools.mft.d\\noc/bc14015_.htm\\n3.3.3  IBM Sterling B2B Cloud Services\\nIBM Sterling B2B Cloud Services provide flexible  solutions and expert services to optimize \\ncustomers’ dynamic business network and reduce the time and complexity of securely integrating with 100% of their business partners.\\n Chapter 3. Connecting with your partners and managing your communication 65IBM Sterling File Transfer Service\\nIBM Sterling File Transfer Service is a cloud se rvice for file-based business interactions with \\ntrading partners. As an alternative to on-premise software, IBM Sterling File Transfer Service allows customers to manage a single, secure, reliable connection to the cloud to reach their partners without the capital expense associated with on-premise software or the operational impact on their IT staff.\\nThis offering fills a void in the portfolio by introducing a cloud servic e to replace on-premise \\nFTP and home-grown solutions for exchanging of large, multi-gigabyte files with B2B partners. The features of IBM Sterling File Transfer Service are listed in Table 3-2.\\nTable 3-2   Service features\\nCapability Description\\nStandards and \\nprotocolsProvides the following capabilities:\\n/SM590000Industry protocols: FTP , FTP/S, S/FTP , OFTP2 and AS2\\n/SM590000Utilize Zip to compress files\\nCentralized \\nmonitoring and \\nmanagementIBM Sterling InFlight Data Management visibility tool provides users: \\n/SM590000Reports and alerts for exception-based monitoring and event management\\n/SM590000Real-time views into file exchanges with trading par tners for all files tracked from start to finish\\n/SM590000Timely and accurate audit trails for all file transfer activity\\n/SM590000Mobile access to search, view and track transfers\\nSecurity and \\ngovernanceProvides the following capabilities:\\n/SM590000Connect to IBM Sterling File Transfer Service by a secure protocol, including IBM Sterling \\nConnect:Direct\\n/SM590000PGP encryption secu res files in-flight\\n/SM590000Single sign on user access\\n/SM590000Administrator IDs manage user access permissions and control screen level access\\n/SM590000Transfer logging provides a complete audit trail of file transfer activities\\nScalability IBM Sterling File Transfer Service scales with customers’ demand with minimal impact on their \\nresources and infrastructure:\\n/SM590000Flexible consumption models based on file sizes, volumes, and number of partners\\n/SM590000Process high volumes and large files within the capabilities for each protocol without \\ncompromising performance\\nFile transfer \\nautomationProvides the following capabilities:\\n/SM590000A single, secure connection with IBM Sterling File Transfer Service reaches partners\\n/SM590000Retry capabilities automate the repl ay and resend of failed transfers\\n/SM590000Intelligently route files based on sender, file name, and file type\\n/SM590000Protocol conversions in the cloud leverage partners’ existing protocols\\nOutsourced \\nservicesUse IBM skilled personnel to manage customer s’ B2B file transfer environment with:\\n/SM590000Onboarding services to support their trans ition to IBM Sterling File Transfer Service\\n/SM590000The geographical coverage, language support, availability and level of expertise to meet their \\nsupport needs, including phone, Web, and e-mail support\\n/SM590000Partner help desk services 66 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsIBM Sterling B2B Collaboration Network\\nIBM Sterling B2B Collaboration Network is a cloud platform for delivering B2B integration and \\nvisibility, enabling customers to rapidly conn ect, exchange, and ma nage business data with \\nglobal partners. It acts as the communicati ons link between customers and their business \\npartners, and offers a growing list of on-demand application services. \\nIBM Sterling B2B Collaboration Network processes a variety of B2B integration requirements, \\nprovides flexibility to support varying needs, and improves speed to market for a range of \\nhosted offerings, listed next:\\n/SM590000Exchange Services:\\nExchange Services enable customers to communicate securely with anyone, in any way, \\nregardless of protocols, data formats, and preferred communication methods. Each customer has a single point of connection for business exchanges with many business partners, regardless of the type of communications protocol or data format required by each business partner.\\n/SM590000Translation Services:\\nTranslation Services enable customers to communicate with trading partners in any of the \\nfollowing translatio n relationships:\\n– XML to EDI and EDI to XML\\n– Proprietary data to EDI or XML– EDI or XML to proprietary data– EDI to EDI (including EDI data routed as e-mail attachments)– Flat-file layout to flat-file layout\\n/SM590000Community Services:\\nCommunity Services interconnect to other networks and bridges to other exchanges and \\ncommunities. Additionally, web-based services  and fax services help customers integrate \\nexchanges with trading partners who do not have EDI systems. The following are the available Community Services offerings:\\n– IBM Sterling Web Forms\\n– IBM Sterling Fax Conversion Services– IBM Sterling Managed AS2 Gateway\\n– IBM Sterling Service Bureau for SWIFT\\n– IBM Sterling Community Development Services\\n/SM590000Visibility Services:\\nVisibility Services enable cust omers to see the process as t heir business data is routed \\nthrough IBM Sterling B2B Collaboration Network to and from their trading partners. These services improve strategic decision making with real time visib ility and alerts into \\ncustomers’ B2B operations. The following Vi sibility Services offerings are available:\\n– IBM Sterling Document Tracking\\n– IBM Sterling InFlight Data Management– IBM Sterling Report Visibility– IBM Sterling Supply Chain Visibility\\n/SM590000Application Services:\\nApplication Services provide specific industry and business functionality. The following \\nApplication Services offerings are available:\\n– IBM Sterling e-Invoicing\\n– IBM Sterling Transportation Management System– IBM Sterling Supplier Portal– IBM Sterling Data Synchronization Manager Chapter 3. Connecting with your partners and managing your communication 67IBM Sterling Web Forms\\nIBM Sterling Web Forms is a customizable website operated by IBM that enables customers’ \\ntrading partners to create and exchange business documents using the Internet. It helps customers integrate smaller trading partners, who do no t have EDI capabilities, into their \\nelectronic trading community.\\nTo replace paper business documents with electronic commerce, customers sponsor Web \\nForms communities that allow their smaller partners to receive, complete, and send electronic business documents from IBM Sterling Web Forms website. Web Forms communities function as follows:\\n/SM590000A Web Forms community consists of a large company that sponsors the service and its \\nsmaller business partners that are members of the community.\\n/SM590000The sponsor sends a data file, in either EDI or XML format, to IBM Sterling B2B \\nCollaboration Network, which routes the document to IBM Sterling Web Forms system. \\nWeb Forms translates the data format into the Web Forms proprietary format, and posts it on the Web Forms site for the member to retrieve.\\n/SM590000Members use a web browser to access the Web Forms site and complete an HTML-based \\ndocument, also called a Web Form.\\n/SM590000Sponsors use a browser to access the Sterling Web Forms administration site, where they \\ncan create messages for their members, generate reports about their community’s activity, change login information given to new members, and so on.\\n3.3.4  IBM Sterling Control Center\\nIBM Sterling Control Center provides centralized management, monitoring and notification for several IBM Sterling products: \\nIBM Sterling Control Center  monitoring and notification\\nIBM Sterling Control Center monitors operations on IBM Sterling products and issue real-time \\nnotifications in case any problem is detected,\\nSome benefits of IBM Control Center monitoring/notification functions are as follows: \\n/SM590000No processing exception goes undetected, thus preventing business impacts.\\n/SM590000It helps processing windows to be met.\\n/SM590000It avoids situations where a Service Level Agreement (SLA) is not respected.\\nHere are the main examples of the operations monitored by IBM Sterling Control Center:\\n/SM590000IBM Sterling Connect:Direct Server Status\\n/SM590000IBM Sterling Connect:Direct processes activities\\n/SM590000IBM Sterling Connect:Direct File Agent F ile Agent Service In itialization Error\\n/SM590000Process not submitted by File Agent within a time period\\n/SM590000IBM Sterling B2B Integrator Perimeter Server Status\\n/SM590000IBM Sterling B2B Integr ator Adapter Status\\n/SM590000IBM Sterling B2B Integrator Business Process activities\\n/SM590000IBM Sterling B2B Integrator AFT File Transfer Activities\\n/SM590000IBM Sterling B2B Integrator Sterling File Gateway (SFG) activities\\n/SM590000File Transfer Protocol (FTP) activities 68 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions/SM590000IBM Sterling Control Center can notify when an IBM Sterling Connect:DIrect Secure+ \\ncertificate is about to expire.\\n/SM590000IBM Sterling Control Center can notify when and IBM Sterling Connect DIrect license is \\nabout to expire.\\nFor more information, see the Sterling Integrator manual, Monitoring with Sterling Control \\nCenter, at this website: \\nhttp://help.sterlingcommerce.com/SB2BI52/topic/com.ic.customization.doc/SI_52_PDF/\\nSI52_SCC.pdf\\nIBM Sterling Control Center  Service Level Criteria \\nAnother important feature of IBM Sterling Control Center is the Service Level Criteria (SLC). \\nSLCs define an event that should occur in a time period. For instance, an IBM Sterling Connect:DIrect process is expected to be executed every Monday between 03:00PM and 04:30PM. If process execution does not occur in that time window, an SLC can generate a notification so that measures could be taken to fix the problem.\\nFor more information, see the IBM Sterling Control Center System Administration Guide  at \\nthis website:\\nhttp://www.sterlingcommerce.com/documentation/SCC53/PDF/SystemAdministration.pdf\\nIBM Sterling Control Center Notification \\nIBM Sterling Control Center notifications can be made available in the following ways:\\n/SM590000IBM Sterling Control Center consoles. There is  a local console, and remote consoles run \\nunder a web browser.\\n/SM590000SMTP (e-mails) can be sent to administration or operation users.\\n/SM590000SNMP traps can be sent to a suitable application.\\n/SM590000Emits JMS to IBM MQ Broker, which can be accessed by WebSphere.\\nEach user has restricted ac cess to some events only. © Copyright IBM Corp. 2012. All rights reserved. 69Chapter 4. Routing and transforming \\nmessages\\nThis chapter describes the components used to integrate message based routing and \\ntransformation in the scenarios demonstrated in Part 2, “Scenarios based on the proposed solution architecture” on page 101. In addition to describing the components used, we discuss recommended practices, alternative methods, and alternative products. \\nWe also describe how WebSphere Transformation Extender, WebSphere Message Broker, \\nWebSphere DataPower Appliance, and Sterling B2B Integrator can all work together to accomplish functional requirements to route, tr ansform, and translate messages from source \\nto target, regardless of the protocols and formats that make up the environment.\\nThis chapter includes the following sections:\\n/SM5900004.1, “What are the business requirements?” on page 70\\n/SM5900004.2, “Message based integration choices” on page 72\\n/SM5900004.3, “Product information” on page 744 70 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions4.1  What are the business requirements?\\nWhat a business requires in terms of transformat ion and routing is always based on the kind \\nof business being done. Requirements can depend on these factors:\\n/SM590000Nature of existing services\\n/SM590000Kind of data to be transferred\\n/SM590000Communication protocol\\n/SM590000Industry standards\\n/SM590000Business monitoring and intelligent routing\\nBefore we proceed further, we need to understand the meaning of mediation . Simply put, \\nmediation can mean either of the following types of intervention:\\n/SM590000An intervention in a dispute in order to resolve it\\n/SM590000An intervention in a process or relationship\\nIn the process of mediation, it  is required that the parties in volved are willing to communicate \\nand negotiate with each other. Then it becomes the responsibility for a mediator to enable \\nmediation between the involved parties.\\nIn a real world scenario, assume that some business is being conducted between Chinese \\nand American parties. The Chinese business representative only speaks and understands Chinese, and the American representative only speaks and understands English. For both of them to directly communicate with each other is next to impossible, so they would need a translator who can perform language translation or \\nmediation  between the two business \\nrepresentatives. Chapter 4. Routing and transforming messages 71Figure 4-1 illustrates the langua ge mediation task performed by the language translator.\\nFigure 4-1   Language mediation by translator\\nIf we replace business representatives by software services, which need to communicate with \\neach other for business integration, there is a need for a software mediation module to help integrate these business services. The mediati on module needs to enable this integration \\nwith the following features:\\n/SM590000Content transformation\\n/SM590000Communication protocol switching\\n/SM590000Message routing\\nFigure 4-2 illustrates the medi ation module components.\\nFigure 4-2   Software mediation module\\n 72 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsTo illustrate the responsibilitie s of the mediation module, we use an example of a simple \\nmediation that provides stock quotes. A client application provides a query containing a stock symbol and customer ID to the mediation module which processes the query. The customer\\'s subscription level is determined, and depending on the level of subscription, the query is routed to the appropriate service provider. The quote that is returned from the service provider is converted into the customer\\'s preferred currency before it is returned to the client application.\\nWe are using a mediation module because we want to use different interfaces from two \\nexternal service providers, and expose a single interface to the client application. We need to build the service quickly with the ability to c hange the application on  demand, and without \\nmodeling a business process. We also want th e ability to change the se rvice provider without \\ndisrupting the service. Figure 4-3 shows the complete mediation.\\nFigure 4-3   Stock quotes mediation module\\n4.2  Message based integration choices\\nIn this section, we discuss message based integration patterns. More details about these patterns can be found at the following websites:\\nhttps://www.ibm.com/developerworks/wikis/display/esbpatterns/Message-based+Integra\\ntion\\nhttp://www.ibm.com/developerworks/library/ws-enterpriseconnectivitypatterns/index.\\nhtml\\nMediation infrastructure can help an existing messaging infrastructure by providing an \\nenvironment for building and deploying “infrastructure level” message based “applications”. Examples of such “applications” include rout ing and transformation services. In a message \\noriented model, we are typically much more focused around the data that is flowing through the system and the set of actions that are applied to this in-flight data; that is, we have more of a producer-to-consumer view. While it is not an absolute distinction, this line of thinking can \\ninfluence the context in which we seek to apply each pattern listed next:\\n/SM590000Message router pattern\\n/SM590000Message translator pattern\\n/SM590000Message bridge pattern\\n/SM590000Message aggregator pattern\\n Chapter 4. Routing and transforming messages 73/SM590000Message splitter pattern\\n/SM590000Message request/response correlator\\n/SM590000Message router pattern\\nThe message router pattern can be used to provide a strong level of decoupling between \\napplications or services which need to exch ange data by enabling data sent from one \\napplication to be routed to one of several potential target applications based on various conditions.\\nContext-based routers select an appropriate target based on the identity of the sender or on \\nsome aspect of the data carried in a protocol header. Content-based routers make a selection based on the content of the message payload. Load-based routers use information about the application load on the various target systems.\\n4.2.1  Message translator pattern\\nThe message translator pattern allows data from one application to be mapped into the data format required by another application without either application being aware that such mapping is needed or taking place. This pattern covers anything from direct mapping to highly complex transformations possibly involving lookups and cross references.\\n4.2.2  Messaging bridge pattern\\nThe messaging bridge pattern maps data from one transport mechanism to another without modifying the format or content of the message payload. An implementation of this pattern must also handle the mapping between the different addressing schemes which might be used by the separate messaging systems.\\nA frequent example of the use of this pattern is the bridging between JMS implementations \\nfrom different vendors.\\n4.2.3  Message aggregator pattern\\nThe message aggregator pattern addresses the need to take multiple messages from one or more applications and merge them into a single piece of data to be propagated as a new message. The inbound messages can come from independent applications or an be asynchronous response messages from a set of applications which received requests from an implementation of the message splitter pattern (described below in “Message splitter pattern” on page 73).\\nAn implementation of this pattern can simply concatenate the individual source messages or \\ncan incorporate some mo re sophisticated set of data mapp ing capabilities. It must also be \\nable to handle the failure of an expected inbound message to arrive within a prescribed time period and the subsequent late arrival of this message.\\n4.2.4  Message splitter pattern\\nThe message splitter pattern extracts subsets of  a message which are then sent as separate \\nmessages to multiple target applications. A set of mapping rules define how the original inbound message is to be broken apart into constituent pieces. 74 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions4.2.5  Message request/ response correlator pattern\\nA typical message broker system is often processing multiple requests from the same stream \\nor queue in a parallel, asynchronous manner. When such requests are being routed to a further system (or systems), there is a requirement to correlate any response messages to the original request. The message request/response  correlator pattern provides a solution to \\nthis particular problem.\\n4.3  Product information\\nIn this section we discuss the IBM products used for routing and transforming the messages.\\n4.3.1  WebSphere Message Broker\\nWebSphere Message Broker is a platform-independent  based ESB that pr ovides universal \\nconnectivity. It can be used to integrate disp arate applications and is designed to transform \\nvarious formats of data between any type of applications using a number of supported communications protocols or distribution methods. It is used where there is a need for high-performance and complex integration patterns.\\nWebSphere Message Broker V8.0 offers simplicity and productivity in terms of developing \\nand managing the WebSphere Message Broker environment. WebSphere Message Broker plays a critical role in SOA and offers a wide range of SOA scenarios in which it can be integrated. The dynamic operational management of WebSphere Message Broker enables administrators to effectively understand and modify broker behavior, which thus enables them to respond quickly to business requirements. WebSphere Message Broker is supported on a large range of platforms and environments.\\nInstalling and configuring WebSph ere Message Broker V8 .0 is significantly simplified with the \\nremoval of the Configuration Manager, the User Name Server components, and the removing the requirement for a system database.\\nFor additional information about these changes, go to the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/topic/com.ibm.etools.mft.d\\noc/bb23110_.htm\\nProcessing logic in WebSphere Message Broker is implemented using message flows. \\nThrough message flows, messages from business applications can be transformed and routed to other business applications. Message flows are created by connecting nodes together. A wide selection of built-in nodes are provided with WebSphere Message Broker. These nodes perform tasks that are associated with message routing, transformation, and enrichment. The base capab ilities of WebSpher e Message Broker are enhanced by \\nSupportPacs that provide a wide range of additional enhancements. Chapter 4. Routing and transforming messages 75Message routing\\nRouting a message involves sending an incoming message to a destination that is based on a \\ncriteria. The destination can be predefined (static) or based on information that is obtained at the time of the message flow (dynamically). A common routing pattern includes a dynamic lookup of the destination based on the incoming message type and routing the message to that destination. This routing pattern typically consists of the steps shown in Figure 4-4.\\nFigure 4-4   A typical routing mechanism\\nPackaged with WebSphere Message Broker are a variety of nodes through which connectivity is provided for both standards and non-standards-based applications and services. Routing can be point-to-point or based on matching the content of the message with a pattern that is specified in a node. \\nAggregation is an advanced form of message routing. With aggregation, a request message \\nis received, and multiple new request messages are generated. Each new message is routed to its destination using a request-reply interaction. WebSphere Message Broker tracks the process, collecting each response and recomposing them into a single output message. \\nFigure 4-5 shows the nodes available in the WebSphere Message Broker palette for enabling \\nmessage based routing. \\nFigure 4-5   Routing nodes in WebSphere Message Broker\\nRouting can also be performed programmatically using Compute Node, Java Compute Node, PHP Node, and .Net Compute node. \\n 76 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsMessage transformation\\nOne of the key capabilities of WebSphere Message Broker  is the transformation and \\nenrichment of in-flight messag es. This capability enables bu siness integration without the \\nneed for any additional logic in the applications, for example, an application that generates messages in a custom format can be integrated with an application that only recognizes XML. This capability provides a po werful mechanism to unify or ganizations because business \\ninformation can now be distributed to applications that handle completely separate message formats.\\nIn WebSphere Message Broker, message transformation and enrichment are dependent \\nupon a broker understanding the structure and content of the incoming message. Self-defining messages, such as XML messages, contain information about their own structure and format. However, before other messages, such as custom format messages, can be transformed or enhanced, a message definition of their structure must exist. The WebSphere Message Broker Toolkit contains  facilities for defining messages to the \\nWebSphere Message Broker.\\nUsing parsers and message sets, WebSphere Message Broker can validate and check that \\nincoming messages comply with the format that is defined in the message set. A flow can be constructed to reject and handle non-compliant messages. Additionally, complex manipulation of message data can be performed using extended SQL (ESQL), Java, and PHP facilities, which are provided in the WebSphere Message Broker Toolkit.\\nWebSphere Transformation Extender can be integrated into the WebSphere Message Broker \\nESB solution to extend the exis ting capabilities and to simp lify transformation development.\\nApplications typically use a combination of messages, which includes those that are defined \\nby the following structures or standards:\\n/SM590000C and COBOL data structures\\n/SM590000Industry standards such as X12, ACCORD AL3, EDIFACT, SWIFT, EDI or HL7\\n/SM590000XML DTDs or schemas\\n/SM590000SOAP\\n/SM590000CSV\\n/SM590000IDoc\\n/SM590000User Defined\\nMediation flows must be able to transform a message from one format to another with \\nacceptable throughput. Messages in WebSphere Message Broker can be transformed using one of the following ways:\\n/SM590000Compute node (ESQL)\\n/SM590000XSLTransform node (Extensible Stylesheet Language Transformations)\\n/SM590000Mapping node (graphical)\\n/SM590000JavaCompute node (Java)\\n/SM590000Runtime message set and definition\\n/SM590000PHPCompute node (PHP)\\n/SM590000WebSphere TX node\\nAlong with the nodes in the \\nTransformation  tab, an additional WTX node is also available in \\nthe WebSphere Message Broker toolkit, after the IBM WebSphere Transformation Extender Design Studio is installed on the same development workstation. Figure 4-8 on page 80 illustrates the WebSphere TX  node in the WebSphere Message Broker toolkit. Chapter 4. Routing and transforming messages 77When a message arrives from a transport protocol wired to the message flow runtime, the \\nmessage bit stream is parsed using a phys ical format, such as XML. See Figure 4-6.\\nFigure 4-6   WebSphere Message Broker runtime architecture\\nWhen the message format is known, the broker parses an incoming message bit stream \\nusing the message set and definition that are defined on the flow configuration and converts it into a logical message tree for later manipulation. After the message is processed by the message flow, the broker converts the messag e tree back into a message bit stream. The \\ntransformation includes reformatting the message, concatenating the strings, or changing the element values.\\nThe following physical formats are supported by the broker run time:\\n/SM590000XML:\\nThis format is the default runtime configuration. The message structure is validated and \\ntransformed using the parser specification that is defined inside the message flow.\\n/SM590000Text (TDS):\\nThe Text or Tagged Delimited String (TDS) physical format is designed to model \\nmessages that consist only of text strings. Examples of TDS messages are those that conform to the ACORD AL3, EDIFACT, HL7, SWIFT, and X12 standards. The TDS physical format allows a high degree of fl exibility when defining message formats and is \\nnot restricted to modeling specific industry standards. Therefore, you can use the TDS format to model your own messages.\\n/SM590000Binary (CWF):\\nThe Binary or Custom Wire Format (CWF) is a physical representation of a message that \\nis composed of a number of fixed format data structures or elements, which are not separated by delimiters. The CWF physical format is typically used to describe messages that are mapped to a C structure, a COBOL copybook, or any other programming language data structure definition.\\nMessage set:  A message set can have one or more physical formats on each XML, TDS, \\nand CWF format. 78 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsWebSphere Message Broker typically supplies a range of parsers to parse and write \\nmessage formats. Some message formats are self-defining and can be parsed without reference to a model. An example of a self-defining message format is XML. In XML, the message itself contains metadata and data values, enabling an XML parser to understand an XML message even if no model is available.\\nMost message formats, however, are not self-defining. That is, a binary message that \\noriginates from a COBOL program and a SWIFT formatted text message do not contain sufficient metadata to enable a parser to understand the message. The parser must have access to a model that describes the message to parse it correctly.\\nTable 4-1 lists the supported parsers for WebSphere Message Broker.\\nTable 4-1   WebSphere Message Broker parsers\\nMessage models \\nMessage modeling is a way to predefine the message formats that applications use. \\nWebSphere Message Broker uses message models to automatically parse and write message formats.\\nThe components of a message model are as follows:\\n/SM590000 Message set projects\\n/SM590000 Message sets\\n/SM590000 Message definition files\\n/SM590000 Message categoriesParser name Parser description\\nMRM For modeling a wide range of messages, including XML, fixed-format binary, and \\nformatted text. This domain is usually used for enrichment of the message \\ntransformation; for example, creating COBOL copybook using CWF .\\nXMLNSC\\nXMLNS\\nXMLFor messages that conform to the W3C XML standard. The input bitstream must \\nbe a well-formed XML document that conf orms to the W3C XML specification. \\nXMLNSC is the preferred domain for generic XML messages, and messages using XML namespaces.\\nDataObject\\nIDOCUsed for messages going in and out of WebSphereAdapter nodes. The \\nDataObject parser parses the business objects  that are received from EIS. It is \\nguided by XML schemas that model the EIS business objects. IDOC is \\nimplemented by using the SAP BAPI and the IDoc SAP format.\\nMIME For handling multipart MIME messages, such as SOAP with attachments or \\nRosettaNet.\\nBLOB A parser that is used with messages that do not need to be interpreted in a \\nlogical message tree. The run time internally interprets the message as a BLOB bit stream. It is commonly used with me ssages that do not have a well-defined \\nelement tree structure, such  as the ISO8583 standard.\\nJMSMap\\nJMSStreamFor modeling messages that are produced by the implementations of JMS \\nstandard. JMSMap domain can be used when handling JMS messages of type \\nMapMessage. JMSStream domain can be used when handling JMS messages of type StreamMessage.\\nSOAP Creates WSDL-based logical tree format to work with Web Services and \\nvalidates incoming messages against a WSDL definition. Chapter 4. Routing and transforming messages 79The majority of the model content is described by message definition files. These files use the \\nXML schema to represent the messages. Each message definition file describes both the logical structure of the messages and the physical format or formats that describes the appearance of the message bit stream during transmission.\\nIf you are using the MRM domain, you must provide physical format information. This \\ninformation tells the MRM parser how to parse t he message bit stream. If you are using one of \\nthe XML domains, physical format information is not needed.\\nHowever, if your messages are self-definin g and do not require m odeling, there are still \\nadvantages to modeling them:\\n/SM590000Enhanced parsing of XML messages:\\nAlthough XML is self-defining, without a model all data values are treated as strings. If a \\nmodel is used, the parser knows the data type of data values and can cast the data accordingly.\\n/SM590000 Improved productivity when writing ESQL:\\nWhen you create ESQL programs for WebSphere Message Broker message flows, the \\nESQL editor can use message models to provide code completion assistance.\\n/SM590000Drag-and-drop message maps:\\nWhen you create message maps for WebSphere Message Broker message flows, the \\nMapping editor uses the message model to po pulate its source and target views. Without \\nmessage models, you cannot use the Mapping editor.\\n/SM590000More efficient way to implement websites:\\nPHP is a dynamic scripting language that is most frequently used to implement websites. \\nPHPCompute node provides th e ability to transform and ro ute messages in WebSphere \\nMessage Broker V8.0.\\n/SM590000Runtime validation of messages:\\nWithout a model, it is not possible for a parser to check that input and output messages \\nhave the correct structure and data values.\\n/SM590000Reuse of message models in whole or in part can be done by creating new messages \\nbased on existing messages.\\n/SM590000Automatic generation of documentation.\\n/SM590000Provision of version control and access control for message models by storing them in a \\ncentral repository.\\nTip: When creating output messages, the MRM parser can automatically generate the \\nXML declaration and other XML constructs based on options in the model, which simplifies the transformation logic. For more information about when to use MRM or XMLNS(C) domains, search on “Which XML parser should you use” in the WebSphere Message Broker Information Center at the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/index.jsp?topic=/com.ib\\nm.etools.mft.doc/ad70530_.htm 80 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsMessage transformation nodes\\nAfter a logical message structure is created, the implementing flow has full access to the \\nparsed elements inside of the message. In this sections, we describe the nodes that can be used to transform a message wit hin a mediation flow. Figure 4-7 illustrate nodes available in \\nWebSphere Message Broker palette to perform message transformation. \\nFigure 4-7   Transformation nodes in WebSphere Message Broker\\nFigure 4-8 illustrates the WTX Map node for message transformation. WTX Map node uses \\nWTX maps for message transformation. WTX maps can be deployed on execution group or can be used from an external location.\\nFigure 4-8   WTX Map node\\nUsing WTX nodes for tranformation:  There are multiple nodes available in WebSphere \\nMessage Broker for routing and transformation of business data. A list of these nodes was also discussed in 4.3.1, “WebSphere Message Broker” on page 74. \\nAs a best practice, it is recommended to use WTX node for tranformation, with WTX \\nIndustry standard packs. WTX offers multiple industry standard packs, for example:\\n/SM590000WebSphere Transformation Extender pack for ACORD\\n/SM590000WebSphere Transformation Extender pack for HL7\\n/SM590000WebSphere Transformation Extender pack for HIPAA\\n/SM590000WebSphere Transformation Extender pack for SEPA\\n/SM590000WebSphere Transformation Extender pack for EDIFACT\\n/SM590000WebSphere Transformation Extender pack for SWIFT\\n/SM590000WebSphere Transformation Extender pack for X12\\nTo read more details about WTX node, see the following websites:\\nWTX Map node overview:\\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r2m0/index.jsp?topic=/com.ibm\\n.websphere.dtx.wtx4wmb.doc/concepts/c_wtx4wmb_node_overview.htm\\nDesigning, developing, and deploying WebSphere Transformation Extender:\\nhttp://www.ibm.com/developerworks/websphere/library/techarticles/0907_gupta/090\\n7_gupta.html\\nChapter 5, “Health Insurance scenario” on page 103 illustrates usage of WTX node in \\nWebSphere Message Broker with WebSphere Transformation Extender pack of HIPAA.\\n Chapter 4. Routing and transforming messages 814.3.2  WebSphere Transformation Extender\\nWebSphere Transformation Extender is an Enterprise Application Integration tool used for \\ntranslation and transformation of messages from any source format to any target format, and allows messages from one or many sources to be translated and transformed to one or many targets at the same time. In this section, we discuss the WebSphere Transformation Extender products that we use to implement the scenarios in Part 2 of this book, as well as the methods and practices we used to implement the components of the solution where WebSphere Transformation Extender is deployed.\\nWebSphere Transformation Extender Design Studio\\nWebSphere Transformation Extender Design Studio  is the development tool used to design \\nand develop the maps used for transformation and translation tasks. We do not get into details of development, because the purpose of th is book is integration, but we do describe a \\nfew features of the Design Studio that accelerate development, testing, and delivery of the maps that you need in your solution.\\nAfter you have developed and tested your map on your local platform, you need to do \\npreliminary testing in the target  environment with your target integration software. The Design \\nStudio makes testing your map on the target very simple in the case of Sterling B2B Integrator and the WebSphere DataPower Appliance. WebSphere Message Broker requires more effort, because the ability to test on the br oker from the Design Studio is not built in.\\nTesting a map on the Sterling B2B Integrator server\\n“WebSphere Transformation Extender for Integration Servers” must be installed before you \\ncan execute a map on the Sterling B2B Integrator server. The Design Studio gives you the ability to test and deploy maps from  within Design Studio on the server as well, as long as you \\nhave “WebSphere Transformation Extender for Integration Servers” installed on the development platform in addition to the server. It is not required that you deploy a map to the server before you are able to test it on the server from Design Studio.  82 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsIn order to test or deploy a map from the Design Studio on the server where Sterling B2B \\nIntegrator is installed, you must first configure the connectivity settings for the Test Map service and the Check In map service in the Design Studio. These two services can share the same connectivity settings. It is done by navigating to Window \\uf0ae Preferences \\uf0ae \\nTransformation Extender \\uf0ae Map\\uf0ae Sterling B2B Integrator. (Figure 4-9). Y ou would then \\npopulate the information. If you need assistance on how to configure the Design Studio for the appliance, help is available by navigating to the WebSphere Transformation Extender help window.\\nFigure 4-9   WebSphere Transformation Ex tender Sterling B2B Integrator preference\\n Chapter 4. Routing and transforming messages 83After the configuration has been completed, you can then execute the map on the server from \\nDesign Studio by either right-clicking the executable map in the Composition or Outline view and then selecting Run on Sterling B2B Integrator or by clicking the executable map and \\nusing the key combination “Ctrl+Shift+R”. \\nY ou can deploy the map by performing the same steps as described for executing the map, \\nexcept that you would choose Deploy to Sterling B2B Integrator  or use the key combination \\n“Ctrl+Shift”D”. See Figure 4-10.\\nFigure 4-10   Test or deploy map on Sterling B2B Integrator server\\nTesting a map on the WebSphere DataPower Appliance\\n“WebSphere Transformation Extender for Integration Servers” is not required to be installed in \\norder to test or deploy maps on the WebSphere DataPower Appliance. The appliance ships with the runtime in the firmware, and the Design Studio has the ability to  test the map on the \\nappliance, and deploy to the appliance built in. Integration:  The integration of WebSphere Transformation Extender with the WebSphere \\nDataPower Appliance, discussed in this section, describes the integration available in \\nWebSphere Transformation Extender v8.3.x. \\nAt the time this book was written, WebSphere Transformation Extender v8.4.0 did not \\nexpose the WebSphere DataPower Appliance inte gration capability. In tegration similar to \\nwhat is discussed, along with extended capabilit ies, will be available in v8.4.x when v5.0 of \\nthe WebSphere DataPower Appliance is released.\\n 84 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsIn order to test or deploy a map on the WebSphere DataPower Appliance, you must configure \\nthe connectivity settings for the TX-Test XML Firewall Service and the XML Management Interface Service in the Design Studio. Y ou do it by navigating to Window \\uf0ae Preferences \\uf0ae \\nTransformation Extender \\uf0ae Map\\uf0ae DataPower. (Figure 4-11). Y ou then populate the \\ninformation. If you need assistance on how to configure the Design Studio for the appliance, help is available by navigating to the WebSphere Transformation Extender help window.\\nFigure 4-11   WebSphere Transformat ion Extender DataPower preference\\n Chapter 4. Routing and transforming messages 85After the configuration has been completed, you can then execute the map on the appliance \\nfrom the WebSphere Transformation Extender Design Studio. However, only maps built to be executed on the appliance can be tested this way.  The reason for it is that not all capabilities \\navailable on other server platforms are available on the appliance. Y ou build a map for the appliance by navigating to Map Settings and setting the “MapRuntime” attribute of the map to WebSphere DataPower through the drop-down list. See Figure 4-12.\\nFigure 4-12   Design Studio map setting to build map for WebSphere DataPower Appliance\\nAfter it is done, you would build the executable map as you normally would, and the build process would create a map specifically built to run on the appliance, with the extension .dpa. \\nAfter the map has been built, you can test it locally, test it on the appliance from the Design Studio, or deploy it to the applianc e. You test locally by selecting Run Locally  from the \\ncontext menu or by right-clicking the executable map in the Composition or Outline view. Selecting this option does not execute the map on the appliance. \\nY ou can test the appliance by clicking the normal Run icon after the map has been built for \\nthe appliance and the connectivity settings have been configured. Finally, you can deploy the map to the appliance by selecting Deploy to DataPower  from the context menu by \\nright-clicking the executable map in the Composition or Outline view. See Figure 4-13.\\n 86 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsFigure 4-13   Test or deploy map on the WebSphere DataPower Appliance\\nTesting a map on WebSphere Message Broker\\nThe Design Studio does not allow you to test from the designer on the target WebSphere \\nMessage Broker platform as it does for the WebSphere DataPower Appliance or the Sterling B2B Integrator server. However, like maps that execute on the Sterling B2B Integrator, maps intended to execute from WebS phere Message Broker will execut e as they do on the local \\nDesign Studio environment as long as the map has been built for the environment that hosts the broker. Unit testing a map on the broker is discussed in “Testing maps in a WebSphere Message Broker runtime environment” on page 88.\\nImporting data format definitions\\nAlong with the ability to execute maps on prac tically any platform, another of the most \\npowerful features of WebSphere Transformation Extender is the ability to represent any type \\nof message format through a type tree definition. \\nA type tree is the proprietary data definition structure used by WebSphere Transformation \\nExtender to parse inbound data, and to build outbound data. In order to expedite generation of type trees, WebSphere Transformation Exte nder Design Studio provides the ability to \\nimport many standard data definitions into type trees. Valid xml schema definitions can either be imported into type trees, or used natively to define input and output. It is recommended that native xsd be used unless additional data definition properties need to be defined that are not supported as native xsd, or you intend to process broken or illegal XML. \\n Chapter 4. Routing and transforming messages 87In addition to the WebSphere Transformation Extender type importers that allow you to import \\nthe formats shown in Figure 4-14, application specific importers are available as add-on components to support formats like SAP IDocs, SAP BAPI, SAP ALE, and more.\\nFigure 4-14   WebSphere Transfo rmation Extender Type Importers\\nWebSphere Transformation Extender  for Integration Servers\\nWebSphere Transformation Extender for Integration Servers allows WebSphere \\nTransformation Extender translat ion capabilities and components to be ready to deploy in \\nmessage flows, mediation flows, and business processes. WebSphere Transformation Extender complements the nativ e capabilities of these IBM pr oducts, and can process large \\ndocuments and messages with more complex formats that would prove more difficult using the native capabilities of th e products. Integration with the following IBM products are \\npackaged as WebSphere Transformation Extender for Integration Servers:\\n/SM590000WebSphere Message Broker \\n/SM590000Sterling B2B Integrator \\n/SM590000WebSphere Enterpri se Service Bus \\nWebSphere Transformation Extender Industry Packs\\nWebSphere Transformation Extend er Industry Packs provide out -of-the-box ca pabilities to \\nintegrate a range of industry standard data formats with your enterprise infrastructure. Industry packs enable developers to accelerate the delivery of transformation solutions by providing predefined type tree templates and conversion maps. In some cases they provide validation maps and tools to fac ilitate implementation in projects  that require conformance to \\nmandatory and advisory guidelines required by the regulatory body or industry service provider.\\n 88 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsWebSphere Transformation Extender Industry Packs used in conjunction with WebSphere \\nTransformation Extender provide organizations with an infrastructure with these features:\\n/SM590000Enables compliance with government and industry mandates.\\n/SM590000Controls administrative costs.\\n/SM590000Streamlines business processes.\\n/SM590000Facilitates accuracy and timeliness of information.\\n/SM590000Reuses existing business systems.\\n/SM590000Adapts to new technologies as they emerge.\\n/SM590000Integrates multiple systems and standards.\\n/SM590000Automates cross-organizational exchanges.\\nThe scenarios described in this book make use of the HIPAA EDI and the EDI X12 industry \\npacks.\\nHIPAA EDI \\nWebSphere Transformation Extender Pack for HIPAA EDI includes ready-to-execute template definitions for the complete ASC X12N standard for HIPAA including HIPAA 4010 and HIPAA 5010 addendum, as well as CMS (formerly HCFA) formats for legacy NSF , UB-92 Claims and Coordination of Benefits. The Pack features compliance validation checking, and handling of claims attachments. Also supports the Natio nal Provider ID requir ement and Clinical Data \\nArchitecture release 2.0 for claims attachments support.\\nHIPAA EDI addresses the administrative simplification aspects of HIPAA legislation - the \\nstandardization of electronic patient health, administrative, and financial data. HIPAA regulations affect payers, health plans, clearinghouses, and those providers who conduct financial and administrative transactions electronically.\\nIn the health insurance scenario discussed in Chapter 5, “Health Insurance scenario” on \\npage 103, located in Part 2 of this book, the HIPAA version 5010 type tree that enforces type 4 compliance that ships with the HIPAA EDI industry pack is used to define the inbound services eligibility request. In addition, the HIPAA compliance_check maps that ship with the \\npack are used to generate the negative acknowledgement for non-compliant messages.\\nEDI X12\\nWebSphere Transformation Extender Pack for X12 includes pre built definitions for the ASC X12 transaction sets. ASC X12 represents multiple business domains including finance, government, health care, insurance, and transportation.\\nIn the supply chain scenario discussed in Chapter 7, “Supply Chain scenario using AS2 and \\nEDI” on page 261, the X12 version 4010 type tr ee is used to represent the inbound purchase \\norder. In addition, the X12 compliance check maps that ship with the pack are used to generate the negative acknowledgement for non-compliant purchase orders.\\nMethods and practices\\nIn the following sections, we describe some common methods and practices for routing and transforming the messages. \\nTesting maps in a WebSphere Message Broker runtime environment\\nThere are times when you might want to test a map in the WebSphere Message Broker runtime environment without having to execute the entire message flow leading up to the map. It can be done by setting up a map test flow to invoke an executable map whose sole purpose is to execute other maps. Chapter 4. Routing and transforming messages 89This section discusses how to accomplish the testing. We assume that you have a basic \\nunderstanding of how to use the “RUN” map rule, and a basic understanding of runtime parameters that control the execution of WebSphere Transformation Extender maps.\\nThe “RUN” map rule is the means by which an executable map can invoke another executable \\nmap at runtime. “RUN” also allows for any runtime parameter, such as card overrides, audit switches, and trace switches to be at the time the “RUN” command is executed.\\nFrom the WebSphere Message Broker perspective, you need a simple message flow that \\nmonitors a test queue, and initiates the flow when a message is dropped onto the queue. The purpose of the flow is to take this message, and pass it to the map. The information in the message forces the map to execute the map you want to test. See Figure 4-15.\\nFigure 4-15   Map unit test flow\\nThe map that is executed by the broker is made up of one input card and one output card. For the purpose of this discussion, the input card is defined using an xml schema definition. The xml contains four attributes, as shown in Example 4-1 and Example 4-2:\\n/SM590000The map to run, including the path\\n/SM590000Command line options, including the audit and trace switches\\n/SM590000Input overrides, including the overrides for any input card\\n/SM590000Output overrides, including the overrides for any output card\\nExample 4-1   XML schema definition\\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\\n<xs:schema xmlns:xs=\"http://www.w3.org/2001/XMLSchema\">  <xs:element name=\"TestMapInfo\">    <xs:complexType>\\n 90 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer Solutions      <xs:sequence>\\n        <xs:element name=\"MapToRun\" type=\"xs:string\" />        <xs:element minOccurs=\"0\" name=\"CmdOptions\" type=\"xs:string\" />        <xs:element minOccurs=\"0\" name=\"InputOverride\" type=\"xs:string\" />        <xs:element minOccurs=\"0\" name=\"OutputOverride\" type=\"xs:string\" />      </xs:sequence>    </xs:complexType>  </xs:element></xs:schema>\\nExample 4-2   XML input data\\n<?xml version=\"1.0\" encoding=\"UTF-8\"?><TestMapInfo><MapToRun>C:\\\\map\\\\hipaa_270_2_xml.mmc</MapToRun><CmdOptions> -AE -TI </CmdOptions><InputOverride> -if1 C:\\\\data\\\\hipaa_270_5010a1.dat </InputOverride><OutputOverride> -of1 C:\\\\data\\\\output.msg </OutputOverride></TestMapInfo>\\nThe output card definition uses the type tree shown in Figure 4-16.\\nFigure 4-16   Type tree used for test map\\n Chapter 4. Routing and transforming messages 91After the broker flow delivers the message to the WebSphere Transformation Extender map \\nnode, the broker invokes the map that calls the map to be tested. This map takes the data passed in, and uses that data to set up the run command to call the map being tested. \\n/SM590000See the map rule used to execute the map passed into the flow in Figure 4-17 on page 91.\\n/SM590000See the input card definition for this map using the xsd from in Figure 4-18 on page 92. \\n/SM590000See the output card definition for this map using the type tree from Figure 4-16 on page 90 \\nin Figure 4-19 on page 93.\\nFigure 4-17   RUN map rule\\n 92 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsFigure 4-18   Input card\\n Chapter 4. Routing and transforming messages 93Figure 4-19   Output card\\nTrimming type trees\\nTrimming a type tree greatly improves the performance of parsing input of a WebSphere \\nTransformation Extender map. Trimming is normally done to type trees shipped with an industry pack. The reason is that industry pack type trees can include many versions and transactions that you do not use in your solution. \\nIf you execute a map with an untrimmed type tree, WebSphere Transformation Extender tries \\nto parse each and every transaction until it successfully parses the inbound message with the correct definition. By trimming the type tree, unnecessary attempts to parse data are avoided improving performance. Trimming a tree does not affect the output performance, but it minimally simplifies mapping, because unused types do not need to be mapped to “NONE”\\nY ou trim type trees using the WebSphere Transformation Extender Design Studio Type \\nDesigner. From inside the type designer, you select the types not needed and delete them from the type tree. Recommended practice is to make a copy of the original tree, and to trim the copy, keeping the original as it was when it was originally shipped.\\n 94 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsTo illustrate the result of trimming a type tree , see Figure 4-20, where we  take the type tree \\nhipaa_x12_type_4.mtt that ships with the industry pack and show it side by side with the type \\ntree hipa_x12_type_4_trimmed.mtt  used in Chapter 5, “Health Insurance scenario” on \\npage 103. \\nFigure 4-20   Comparing trimmed and non-trimmed type trees\\n Chapter 4. Routing and transforming messages 95Canonical data format\\nDuring the implementation of the scenarios in this book, we use the concept of a canonical \\ndata format. The purpose of the canonical data format is to provide a consistent format for data used for like purposes, which makes for easier expansion and maintenance in the future.\\nIn order to process the information sent to you by your trading partners, you need to \\nunderstand the format of the data they are sending. In a perfect world, all of your trading partners would send you data using the same format, and the application, or applications you use to process this information would accept the data without any changes. In other words, everyone would speak the same language. Unfortunately, that is seldom the case, even with the definition of industry standards for communicating information electronically, your trading partners might be sending data using the standard, but at a diff erent revision level, which still \\ncauses the same issues.\\nAdd to that, the fact that the information you receive is being used by more than one \\napplication. Each of those applications also expect the data to be in a different format, and you can have many translation processes that you need to build and maintain.\\nFigure 4-21 shows how complicated such a solution can be. It is an illustration of incoming \\ndata being sent using four different formats to three different applications. It also shows that each application creates a response in each format. In order to accomplish the requirements shown in Figure 4-21, Note that twenty-four translations would be required. Four source formats translated to three application formats would give you twelve translations, and then you would need to translate each of the three application formats back to the source formats in order to respond for 12 more formats, giving you a total of twenty-four translations.\\nNow suppose that one of the source formats is modified. To implement this change would \\nrequire you to change six translation processes. If an application format changed, it would require eight translation process changes. Adding a new source format would require six new translations, and adding a new application would require eight. As you can see, it would not \\ntake long before this type of point-to-point solution became very complex and burdensome. 96 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsFigure 4-21   Data translation without an intermediate canonical format\\nNext we look at implementing the same solution using a canonical data format as an \\nintermediate translation format. As you can see in 4.3.3, “WebSphere DataPower XB62 appliance” on page 99, the complexity is reduced dramatically. Now, instead of twenty-four translations there are fourteen; two each for the four source formats and the three application formats.\\nWhen one of the source or target formats changes, at most it affects two translations: the \\ntranslation to and the translation from the canonical format. Before it affected six or eight translations, depending on which format changed. If you add a new format or a new application, again it would only require two new translations.EDI\\nXML\\nCopybook\\nCustomNon-Canonical Integration – 24 Connection Points\\nApp1\\nApp2\\nApp3 Chapter 4. Routing and transforming messages 97Another advantage is that you would gain a deeper understanding of how to make changes, \\nbecause all data flows to or from the same format. It is why the approach used in the scenarios in this publication, as well as the recommendation for building transformation and translation within the enterprise service bus, is to make use of canonical data structures. As you can see, sometimes the canonical structure is either the target or the application format, in which case your work is cut in half.\\nFigure 4-22   Data translation with a canonical intermediate format\\nRecommended practices when  implementing WebSphere \\nTransformation Extender\\nBecause WebSphere Transformation Extender can be integrated with so many product \\nportfolios, recommended practices can vary based on the environment where it is being used. Some of the recommended practices that are discussed in the various scenarios covered in this book, such as “Canonical data format” on page 95 are not limited to use with WebSphere Transformation Extender. Other recommended practices discussed in this book, such as “Trimming type trees” on page 93, that make parsing more efficient, are recommended regardless of runtime environment.Canonical Integration – 14 Connection Points\\nApp1\\nApp2\\nApp3EDI\\nXML\\nCopybook\\nCustom\\n 98 End-to-end Integration with IBM Sterling B2B In tegration and Managed File Transfer SolutionsIn order to access the WebSphere Transformation Extender recommended practices that best \\nmeet your needs, you need  to make use of the help facility that is included with your Design \\nStudio, the WebSphere Transformation Extender Online Library, if you have it installed on your workstation. Information can be found at the following websites:\\nIBM Developer Works articles:\\nhttp://www.ibm.com/developerworks/websphere/library\\nThe WebSphere Tranformation Extender product page:\\nhttp://www-01.ibm.com/software/integration/wdatastagetx/\\nThe IBM WebSphere Transformation Extender Developer Works Forum:\\nhttp://www.ibm.com/developerworks/forums/forum.jspa?forumID=829\\nA specific recommended practice that we discus s here is the use of the map rule function \\n“PUT” with the adapter alias “WIRE”. This map rule function is used in two of the scenarios discussed in part 2. The syntax for this map rule function is shown in Example 4-3. \\nExample 4-3   Using “PUT” with the “WIRE” adap ter alias in Message Broker and Sterling Business \\nIntegrator\\nPUT(adapter_alias, adapter_command, data_to_send_to_adapter)\\nPUT(“WIRE”, ”OutputTarget”, DATA) /* Sends data when map completes */PUT(“WIRE”, ”OutputTarget -NOW”, DATA) /* Sends data immediately */\\nUsing the “PUT” map rule function, as in this example, is valid with both WebSphere Message \\nBroker and in Sterling B2B Integrator. Although the purpose for using this map rule function is \\nthe same with both, the behavior of the map rule function differs between the two. \\nPUT(“WIRE”,....) is used when you want to sp lit a message up into individual parts to be \\nprocessed separately. The Financial Services  extended scenario, uses the PUT map rule \\nfunction with the “WIRE” adapter alias in a map invoked by WebSphere Message Broker, to split a message containing multiple payments records into individual payments records to be processed separately. The Health Insurance scenario in Chapter 5 converts an inbound HIPAA 837P message into an xml version of the message with each claim contained in its \\nown xml envelope to be processed individually. It is done using the PUT map rule function \\nwith the “WIRE” adapter alias within a map that is invoked by Sterling B2B Integrator. \\nWhen using the map rule function PUT(“WIRE”, “OutputTarget”, DATA) with WebSphere \\nMessage Broker, each execution of the PUT places  the DATA contained in the third parameter \\nof the command on the wire connected to the Output Terminal of the Map Node named in the second parameter of the command. Each individual instance of DATA is processed individually by the remainder of the message flow.\\nWhen using this same map rule function with Sterling Business Integrator, you must \\nsomehow differentiate the name defined in parameter 2, for each time PUT is invoked. It is normally done by concatenating an index and the second parameter together. It results in the creation of tags with the concatenated name referencing the DATA in parameter 3 of the map rule function. Failure to follow this practice resu lts in only the last inst ance of DATA passed by \\nthe third parameter of the map rule function being available upon completion of the map.  Chapter 4. Routing and transforming messages 99Example 4-4 shows the proper use of the PUT map rule when invoked from Sterling B2B \\nIntegrator, and an excerpt from ProcessData showing the result.\\nExample 4-5 shows the improper use of the PUT map rule when invoked from Sterling B2B \\nIntegrator, and an excerpt from ProcessData showing the result. \\nThe same HIPAA 837P , containing two claims, was used in both examples.\\nExample 4-4   Proper use of PUT w hen invoked by Sterling B2B Integrator\\nPUT(“WIRE”, “OutputTarget_”+FILLLEFT(Idx,”0”,3), DATA)\\n<ProcessData>  <PrimaryDocument SCIObjectID=\"572:2406457:135400a450b:scb104-5:node1\"/>  <output_document_001 SCIObjectID=\"629:2406473:135400a450b:scb104-5:node1\"/>  <output_document_002 SCIObjectID=\"732:2406479:135400a450b:scb104-5:node1\"/>  <WTX_MAP_EXECUTION_AUDIT_LOG_346995 SCIObjectID=\"366:2406482:135400a450b:scb104-5:node1\"/></ProcessData>\\nExample 4-5   Improper use of PUT when invoked by Sterling B2B Integrator\\nPUT(“WIRE”, “OutputTarget_”+FILLLEFT(Idx,”0”,3), DATA)\\n<ProcessData>  <PrimaryDocument SCIObjectID=\"572:2406457:135400a450b:scb104-5:node1\"/>  <output_document SCIObjectID=\"517:2406467:135400a450b:scb104-5:node1\"/><WTX_MAP_EXECUTION_AUDIT_LOG_346995 SCIObjectID=\"366:2406482:135400a450b:scb104-5:node1\"/></ProcessData>\\n4.3.3  WebSphere DataPower XB62 appliance\\nWebSphere DataPower B2B Appliance XB62 is  a purpose-built hardware B2B-enabled ESB \\nfor simplified deployment and ha rdened security with the ab ility to quickly transform data \\nbetween a wide variety of formats, including XML, industry standards, and custom formats. The device provides core B2B functions, including AS2 and AS3 messaging, partner profile administration, routing of electronic data inte rchange (EDI), XML, and binary payloads, auto \\narchiving and purging of B2B transactions, and B2B tr ansaction viewing capabilities. \\nThe ESB functions include routing, bridging, transformation, and event handling. Data \\ntransformation and validation features include native XML Schema and WSDL validation, XSLT-based transformations, any-to-any transformation using WebSphere Transformation Extender, DPA maps created in IBM WebSphere Transformation Extender Design Studio, and type trees from the HL7 Industry pack.\\nWebSphere DataPower XB62 appliance provides a reliable, performance-oriented solution to \\nmany integration challenges. Beca use it is not limited to handlin g just XML, it resonates with \\nIT organizations that need to benefit from the connectivity of SOA deployments but must also deal with managing a combination of multiple proprietary, industry, company-specific, and existing data formats.  100 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions4.3.4  Sterling B2B Integrator\\nSterling B2B Integrator enables the secure integration of complex B2B processes with diverse \\npartner communities. \\nIBM Sterling B2B Integrator offers perimeter security, gateway, and transformation engine in \\none product. It includes the following integration and transformation features:\\n/SM590000Multi-purpose data transformation engine:\\n– Traditional EDI: X12, EDIFACT, CII, TRADACOMS, and Verband der \\nAutomobilindustrie (VDA)\\n– XML standards: OAGi, CIDX, PIDX, and RosettaNet– Internet standards for B2B data exchange: RosettaNet RNIF , ebXML, 1SYNC, and \\nEBICS (France)\\n– XSLT service to transform XML documents\\n/SM590000WebSphere Transformation Extender translations support\\n/SM590000Graphic data mapping tool\\n/SM590000Virtually unlimited file size (up to 50 gigabytes)\\n/SM590000Validation of inbound and outbound data based on HIPAA rules defined for Level 1 – Level \\n/SM590000Intelligent (content -based) routing\\n/SM590000Interoperable with .Net 1.1/2.0, Axis 1.x/2.0, Xfire 1.2.6 and Java EES\\nThe various adapters and services that come with Sterling B2B Integrator can be employed in \\nthe routing and transformation of messages in many different ways. One of the most common is to use the Mailbox functions of Sterling B2B Integrator, in conjunction with Routing Rules, to move messages from one Mailbox to another. It allows trading partners to upload documents, which can be translated and then routed automatically to another Mailbox for another partner or internal system to retrieve and perform additional processing.\\nThe implementation of many of these routing functions can be simplified by using the Sterling \\nFile Gateway application. Sterling File Gateway also provides robust tools for viewing the documents or files, as well as the routing status of the messages in the application.\\nFor more information about the Mailbox functions of Sterling B2B Integrator, see the Mailbox \\noverview in the documentation at this website:\\nhttp://publib.boulder.ibm.com/infocenter/sb2bi/v5r2/nav/6_4.\\nFor detailed information about Sterling File Gateway, see the documentation for that product \\nat this website:\\nhttp://publib.boulder.ibm.com/infocenter/sfg/v2r2/index.jsp. © Copyright IBM Corp. 2012. All rights reserved. 101Part 2Scenarios based on the \\nproposed solution \\narchitecture\\nIn this part of the book, we describe four scenarios that demonstrate ways to integrate IBM \\nSterling and IBM WebSphere portfolio products. Each scenario implementation is discussed. Each implementation is executed using a different combination of products and/or product capabilities from the availa ble products in the IBM Ster ling and WebSph ere portfolios.Part 2 102 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions © Copyright IBM Corp. 2012. All rights reserved. 103Chapter 5. Health Insurance scenario\\nThis chapter demonstrates an example scenario that uses several different systems to \\nreceive, check, transform, and route a HIPAA EDI 837 Health Care Claim transaction. They then respond back to the source system  with an EDI 999 acknowledgement.\\nBecause we assume that the claim will be proc essed by an existing backend application or \\nprocess, our scenario ends when we deliver the request to the destination that performs this task.\\nBeyond the acknowledgement of the receipt of the message, this scenario does not present \\nthe integration required to deliver a response message back to the trading partner that generated the initial message. It is an extension to the scenario, which could be conceived and executed by the reader.\\nThis chapter includes the following sections:\\n/SM5900005.1, “Business value” on page 104\\n/SM5900005.2, “Prerequisites: Technical and infrastructure” on page 104\\n/SM5900005.3, “Presenting the healthcare scenario” on page 106\\n/SM5900005.4, “Configuring the scenario” on page 109\\n/SM5900005.5, “Testing the scenario” on page 165\\n/SM5900005.6, “Conclusion” on page 1765\\nTip: If you want to implement the scenario presented in this chapter in your own \\nenvironment, you can download the Project Interc hange file for the applications used in this \\nscenario from the ITSO FTP site. For download instructions, see Appendix A, “Additional material” on page 333. 104 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions5.1  Business value\\nDuring an interaction between a patient and a healthcare provider, there is a large amount of \\ndata that is collected and exchanged in order to provide the proper services for the patient. Much of the data collected can be shared with other entities, for any of various reasons:\\n/SM590000Patient encounter reporting\\n/SM590000Payment processing\\n/SM590000Plan eligibility\\n/SM590000Coordination of benefits\\n/SM590000Health care claim status\\n/SM590000Referral authorization\\nA very common need is to prepare and send the information relating to the encounter, and \\npossibly claim information, to an insurance company or other entity for reporting purposes or payment of the claim.\\nWhile this encounter or claim can be processed manually, with a worker preparing the \\ndocument manually and submitting it by mail to the entity requesting it, a much more time and cost effective approach would be to automate these requests, thereby eliminating much of the wait time for the information while also ensuring higher accuracy.\\nThe provider office could simply format the document according to a defined structure (such \\nas the HIPAA EDI 837), and then transmit this re quest electronically to the company or entity \\nproviding the benefits. The re ceiving company could then, using a composite system with \\nvarious points of integration, accept and process that message, and send back a response to the originating system to acknowledge the receipt of the message. This would cut down on manual processing steps, reduce the wait time, and help eliminate errors in the request.\\nWe explore an example solution to this scenario in this chapter, demonstrating how various \\nproducts can be integrated to provide a seamless and high performance solution for processing these requests.\\n5.2  Prerequisites: Technical and infrastructure\\nThere are prerequisites both in order to fully understand the scenario and to successfully implement it in your own infrastructure.\\n5.2.1  Software prerequisites\\nIn order to be able to run this scenario, you must have the following components installed:\\n/SM590000Sterling Secure Proxy v3.4\\n/SM590000Sterling B2B Integrator v5.2.3\\n/SM590000Sterling File Gateway v2.2.3\\n/SM590000WebSphere MQ v7.0.1.5\\n/SM590000WebSphere Message Broker version v8.0.0.0\\n/SM590000WebSphere Transformation Extender Design Studio v8.4\\n/SM590000WebSphere Transformation Extender for Integration Servers v8.4\\n/SM590000WebSphere Transformation Extender Pack for HIPAA EDI v4.4.0 Chapter 5. Health Insurance scenario 105Figure 5-1 illustrates the configuration of the en vironment used to implement this scenario, \\nand represents the systems of the fictitious company “ITSOHealthcare Corporation.” \\nFigure 5-1   System confi guration for ITSOHealthcare\\nFor the purposes of this scenario, we use five servers: \\n/SM590000The first server is in the DMZ and has Sterling Secure Proxy installed. \\n/SM590000The second server has Sterling B2B Integrator and Sterling File Gateway. \\n/SM590000The third server has an IBM DB2® database instance installed to support Sterling B2B \\nIntegrator. \\n/SM590000The fourth and fifth servers are load balan ced backend ESB integration servers and have \\nWebSphere Message Broker and WebSphere Transformation Extender installed in them.\\nServers two, four, and five also have WebSphere MQ for communication between the Broker \\ncomponents and also Sterling B2B Integrator integration.\\n5.2.2  Skills prerequisites\\nTo fully implement and understand this scen ario, you must be familiar with these tasks:\\n/SM590000Configuring Sterling Secure Proxy to communicate with Sterling B2B Integrator\\n/SM590000Configuring Sterling B2B Integrator to receive and process AS2, X12 and HIPAA \\nmessages\\n/SM590000Configuring Sterling File Gateway to receive, handle, and route messages\\nITSOHealthcare Corporation\\nSystem Configurations\\nServer 1\\nssp01.itso.ibm.comServer 4/5\\nesb01.itso.ibm.com\\nesb02.itso.ibm.comServer 3\\ndb201.itso.ibm.com\\nDB2 \\nDatabase\\nDMZSecureSterling \\nSecure ProxySterling B2B \\nIntegrator\\nSterling File \\nGatewayServer 2\\nb2b02.itso.ibm.com\\nMQ\\nWebSphere\\nMQ\\nWebSphere\\nMessage \\nBroker\\nWebSphere\\nTransformation \\nExtender\\nWebSphere\\nMQWebSphere\\nTransformation \\nExtender 106 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions/SM590000Configuring either Sterling File Gateway or Sterling B2B Integrator to move messages to a \\nWebSphere MQ queue\\n/SM590000Configuring WebSphere MQ infrastructure\\n/SM590000Configuring WebSphere Transformation Extender to check messages for compliance and \\nto transform them into a format for the backend system\\n/SM590000Configuring WebSphere Message Broker infrastructure and develop message flows\\n5.3  Presenting the healthcare scenario\\nIn this section, we provide an overview of our health care scenario. For this particular \\nscenario, we implement a process flow where a Health Care Claim (HIPAA EDI 837) is \\nreceived by our fictitious company, which is named “ITSOHealthcare Corporation” for the purpose of this scenario. As part of the process, we receive the file, check it for compliance, and respond back to the originator with an acknowledgement.\\nAs shown in Figure 5-2, the scenario is composed primarily of the inbound flow, where the \\nmessage is moved through the various components of the solution, on its way to the eventual destination in a backend application. There are some components of the outbound flow that are incorporated, but for the sake of clarity, we are focusing on the integration of the various systems that are working with the inbound message.\\nFigure 5-2   Overall process flow, both inbound and outboundMai lboxFile \\nGateway\\nIn QueueProducer \\nSystem\\nSSP\\nBackend \\nAppWTX \\nBackend \\nTran sfor m\\nInternet\\nOut \\nQueueDMZSecure\\nAck nowle dgementSBI\\nWMBDeenvelope\\nGenerate \\nAck\\nWTX \\nCompliance \\nCheckWTX \\nCanonical  \\nTransfo rmOutput to \\nWMB Chapter 5. Health Insurance scenario 107There are two primary areas of the inbound process, and then the rudimentary outbound flow. \\nWe look at each in more de tail in the following sections.\\n5.3.1  Inbound flow part 1: St erling Secure Proxy/Sterling B2B \\nIntegrator/Sterling File Gateway\\nFigure 5-3 shows the first part of the flow, which begins with the producer system creating the \\nmessage, and ends with the message being routed out of Sterling B2B Integrator.\\nFigure 5-3   Part 1 of the inbound flow\\nThe flow begins in the partner’s system, where a HIPAA EDI 837 message is generated as part of the health care claim request on the behalf of a client. The partner’s system would then transmit this message by public networks, and it would be received in the DMZ by Sterling Secure Proxy (SSP). \\nAfter SSP reviews the message, an d determines that it  is allowed into the Secure zone, it \\nthen passes the message on to Sterling File Gateway (SFG) for routing. SFG interrogates the message to ensure that it contains a valid transaction for that particular partner, and it then routes that message into a mailbox for further processing. \\n 108 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsWhen the message is received in the mailbox, th e Sterling B2B Integrator system then begins \\nthe processing of the message. It extracts th e message from the mailbox, and then calls the \\nservice that de-envelopes the message. De-enveloping the document generates the acknowledgment for the partner, which is routed back to them as part of the outbound flow.\\nWhen the de-enveloping occurs, it calls a WebSphere Transformation Extender map, which \\nchecks the message for compliance with the EDI standards in use. If it passes the compliance check, it then calls another WebSphere Transformation Extender map, which converts the message from the current format into the canoni cal format for additional processing. As part \\nof this processing, the system generates one message per claim in the document.\\nAs the final step in this portion of the proc essing, Sterling B2B Integrator then places the \\nresulting messages onto a WebSphere MQ queue for that processing.\\n5.3.2  Inbound flow part 2: WebS phere Message Broker/WebSphere \\nTransformation Extender\\nFigure 5-4 demonstrates the second portion of the flow. It begins with the messages being \\nplaced into the WebSphere MQ queue, and ends with the final message arriving in the backend application.\\nFigure 5-4   Part 2 of the inbound flow\\n Chapter 5. Health Insurance scenario 109After Sterling B2B Integrator completes the de-enveloping and preliminary transformation of \\nthe messages, it places them into the In Queue for WebSphere Message Broker (WMB).\\nUpon arriving on the queue, WebSphere Message Broker then calls a WebSphere \\nTransformation Extender node, to convert the message from the current canonical format into a format that is compatible with the existing backend application.\\nAfter this transformation is complete, WebSphere Message Broker then moves the message \\ninto the Out Queue. This queue feeds the message into the backend application for additional processing.\\n5.3.3  Outbound flow\\nAs mentioned earlier, the outbound, or return, flow is simplified in this scenario to concentrate on the integration of the various components as they move and process the inbound message. However, the simple outbound portion, as depicted, should be reviewed.\\nAfter the receipt of the message into Sterling B2B Integrator, the message is de-enveloped, \\nand as part of this process, Sterling B2B Integrator generates an acknowledgement (in this case, an EDI 999). It is routed back to the partner to demonstrate that the message was successfully received, as well as any compliance errors generated.\\nEventually, the backend application can be expected to generate a response to the \\nmessages, which need to be routed back to the partner. This return message needs to be processed through a similar flow (although in reverse). As it is out of the scope of the current scenario, we leave the conceptualization of this more detailed outbound flow to the reader.\\n5.4  Configuring the scenario\\nIn this section, we look at an overview and then a detailed description of how we configure this Healthcare Integration scenario. In this scenario, we configure our various products to accept an inbound HIPAA EDI 837 Health Care Claim request by AS2. We route the resultant message through Sterling File Gateway. Then we use Sterling B2B integrator, WebSphere MQ, WebSphere Message Broker, and WebSphere Transformation Extender to prepare that message for processing in the existing backend system.\\n5.4.1  Scenario outline\\nFor simplicity, we use the fo llowing fictitious companies:\\nITSOHealthcare Corporation:  The company for which this integration scenario is being \\nimplemented. It is a large healthcare company that receives and processes Health Care Claim (HIPAA EDI 837) requests from its partners.\\nITSORetail Corporation:  An external trading partner that is generating a Heatlh Care Claim \\n(HIPAA EDI 837) request for one of their clients. In this case, this external partner is using software that accepts the created message and transmits it over AS2 to the systems of our \\nhealthcare company. 110 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsHere is a list of the steps to be perf ormed in configuring this scenario.\\n1. Configure Sterling Secure Proxy.\\n2. Configure AS2 in Sterling B2B Integrator.\\n3. Configure Sterling File Gateway.4. Configure message processing in Sterling B2B Integrator.\\n5. Configure WebSphere MQ.\\n6. Configure WebSphere Transformation Extender.7. Configure WebSphere Message Broker.\\n5.4.2  Scenario implementation\\nIn all of the following steps, we assume that the application in question has been successfully \\ninstalled and tested to ensure that it functions properly and that a nominal performance configuration has been put in place for each to accommodate the anticipated processing load.\\nFor detailed information about inst alling the applications, see the Installation Guide  and/or the \\nPerformance Tuning Guide  (if applicable) for each of the products.\\nStep 1: Configure St erling Secure Proxy\\nTo prepare Sterling Secure Proxy for use in this scenario, the following tasks must be \\nperformed:\\n/SM590000Configure a Policy\\n/SM590000Configure a Netmap\\n/SM590000Configure an HTTP Adapter\\nFor the purposes of configuring Sterling Secure Proxy, it should be noted that our AS2 \\nconnection is not seen as any different than any other HTTP communications. Thus, we configure the various components as we would any other HTTP session.\\nFor more information if required, see the documentation for Sterling Secure Proxy:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/SSP/SSP.html\\nIt contains comprehensive details on configuring the application for common usage tasks. \\nWe now review each of these steps in detail for this scenario.\\nConfigure a Policy\\nUse the following procedure to define a Policy for our HTTP connection.\\n1. Log into the user interface for Sterling Secure Proxy.2. Select Configuration  from the menu bar and then select Actions \\uf0ae New Policy \\uf0ae HTTP \\nPolicy . Chapter 5. Health Insurance scenario 1113. Select a name for the new Policy, and then click Save . Figure 5-5 shows an example of the \\nPolicy created for this example.\\nFigure 5-5   Creation of the Policy in Sterling Secure Proxy\\nConfigure a Netmap\\nAfter we have created our new Policy, we must then create a Netmap. The Netmap defines the inbound connection information from the external trading partner, and the outbound connection information in order to communicate with Sterling B2B Integrator. These values are stored in the Netmap, and in turn, this Netmap is associated with both a Policy and an HTTP Adapter.\\nUse the following procedure to create a Netmap.\\n1. Log into the user interface for Sterling Secure Proxy.\\n2. Select Configuration  from the menu bar and then select Actions \\uf0ae New Netmap \\uf0ae \\nHTTP Netmap . \\n3. Enter a name for the Netmap.4. To define an inbound node definition, select the Inbound Nodes  tab and click New. \\n5. Specify the following values:\\n– Inbound Node Name\\n– Peer Address Pattern– Policy \\n6. Click OK.\\n7. To define an outbound node definition, select the Outbound Nodes  tab and click New.\\n8. Specify the following values:\\n– Outbound Node Name\\n– Primary Destination Address – Primary Destination Port \\n 112 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions9. Click  OK. \\n10.Click Save .\\nFigure 5-6 shows the creation of the inbound node for the new Netmap.\\nFigure 5-6   Details of the inbound node in the Netmap\\n Chapter 5. Health Insurance scenario 113Figure 5-7 shows the creation of the outbound node for the new Netmap.\\nFigure 5-7   Details of the outbound node in the Netmap\\nConfigure an HTTP Adapter\\nAfter the Policy and Netmap are created, the last step in configuring Sterling Secure Proxy is \\nto define the HTTP Adapter to use in our scenario.\\nIn Sterling Secure Proxy, the HTTP Adapter definition specifies the information necessary for \\nHTTP connections both to and from the application.\\nUse the following procedure to define the HTTP Adapter for this scenario.\\n1. Login to the Sterling Secure Proxy user interface.2. Select Configuration  from the menu bar and then select Actions \\uf0ae New Adapter \\uf0ae \\nHTTP .\\n3. Specify the proper values for the following items:\\n– Adapter Name\\n–L i s t e n  P o r t–N e t m a p– Standard Routing Node–E n g i n e\\n4. Click Save .\\n 114 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-8 shows our HTTP Adapter configured for this scenario.\\nFigure 5-8   Configuration of the HT TP Adapter in Sterling Secure Proxy\\nAfter we complete the creation of the Policy, the Netmap, and the HTTP Adapter, we can then \\nmove on to the configuration of Sterling B2B Integrator.\\nStep 2: Configure AS2 in  Sterling B2B Integrator\\nTo prepare Sterling B2B Integrator for this scenario, the following tasks must be performed:\\n/SM590000Configure the certificates for the Organization and AS2 Partner.\\n/SM590000Configure the AS2 Organization.\\n/SM590000Configure the AS2 Trading Partner.\\n/SM590000Create the AS2 Trading Relationship.\\n/SM590000Test the AS2 Setup to ensure that it functions correctly.\\nThe Sterling B2B Integrator documentation contains much more detail about configuring the \\napplication for AS2 communications. For full information about setting up AS2 in particular, see the “Standards Library Using AS2” sections of the Sterling B2B Integrator documentation:\\nhttp://help.sterlingcommerce.com/SB2BI52/topic/com.ic.customization.doc/SI_52_PDF/\\nStds801_Using_AS2.pdf\\nNext we detail each of these steps for our scenario.\\nConfigure the certificates for the Organization and AS2 Partner\\nFor AS2 communication to occur, the trading partners need to create and exchange digital \\ncertificates.\\nWe must create the key certificate, and then share that certificate with our trading partner to \\nallow them to decrypt the AS2 messages that we intend to transmit to them. There are many ways to create this certificate, both in Sterling B2B Integrator and through the Sterling Certificate Wizard.\\n Chapter 5. Health Insurance scenario 115For this scenario, we generate a simple self-signed certificate, and then present that to our \\ntrading partner as the key certificate for communications. In most real life situations, we would be using an actual CA certificate which must be checked into Sterling B2B Integrator, and also shared with the partner.\\nOur trading partner, in this case the fictitious ITSORetail Corporation, is also required to \\nsupply us with their certificate to check into the Trusted store in Sterling B2B Integrator.\\nWhen we have the certificate from the partner, we need to save it to a location we can reach \\nfrom the server, and then navigate to Trading Partners \\uf0ae Digital Certificates \\uf0ae Trusted  in \\nthe Sterling B2B Integrator dashboard. Select Check In New Certificate , provide the \\nrequired information, and then save the certificate to the Trusted store.\\nFigure 5-9 shows the summary for the certificate used in this example.\\nFigure 5-9   Configuration of the Trusted Cert ificate provided by ITSORetail Corporation\\nIn this example, we are not actually using any certificates generated by a certificate authority. \\nAll of the certificates in use have been generated by Sterling B2B Integrator itself, which is sufficient for presenting this scenario and demonstrating the AS2 communications.\\n 116 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsConfigure the AS2 Organization\\nAfter the certificates have been created, exchanged, and checked in, we must now create our \\nOrganization. The Organization represents the internal group that is receiving and sending AS2 messages, and we must provide information about our fictitious ITSOHealthcare Corporation to configure the Organization.\\nTo simplify the creation of the Organization, as well as the Trading Partner and Relationship, \\nSterling B2B Integrator has an AS2 Wizard that you can use to create and configure the proper values. This wizard properly creates the required profiles, identities, transports, channels, packaging, business processes, and schedules to implement AS2. All of these items can be manually configured from the respective menu choices in the Sterling B2B Integrator dashboard, but using the AS2 Wizard can greatly simplify these tasks.\\nTo reach the AS2 Wizard, log into the Sterling B2B Integrator dashboard and navigate to \\nTrading Partner \\uf0ae AS2 . To create the Organization, select Create New AS2 partner or \\norganization  on the first option screen that is displayed. We must select Organization , \\nbecause the system does not allow us to create a Partner until we have created an Organization.\\nFigure 5-10 shows the settings for the Organization created for ITSOHealthcare Corporation.\\nFigure 5-10   Configuration of the ITSO Healthcare Corporation AS2 Organization\\n Chapter 5. Health Insurance scenario 117Configure the AS2 Trading Partner\\nAfter the Organization is created, we must now create a Trading Partner for AS2.\\nAgain, log into the Sterling B2B Integrator dashboard, and navigate to Trading Partner \\uf0ae \\nAS2. We again select Create New AS2 partner or organization . This time, however, on the \\nfirst option screen, we select Partner  as the type of Profile we are creating.\\nFill out the required fields, incl uding the certificate that was received from the partner and \\nchecked into Sterling B2B Integrator.\\nFigure 5-11 shows the configuration for the ITSORetail Corporation Profile.Tip: In this simple example, we are using the same certificate for the exchange and the \\nsigning, and we have le ft the email informati on blank. These would normally be filled out for \\na real Organization, to allow them to receive notifications from Sterling B2B Integrator. 118 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-11   Configuration for the AS2  Profile for ITSORetail Corporation\\nNote that the Profile is using the Trusted certificate we checked in earlier, and that the End \\nPoint is configured for the delivery of messages. It is a fictitious IP address for the purposes of \\nthis example.\\n Chapter 5. Health Insurance scenario 119Configure the AS2 Trading Relationship\\nIn order to link the Organization with the Partner, we must now create a Relationship between \\nthem. In Sterling B2B Integrator, there can be multiple Organizations and multiple Partners, and the Relationship defines the linkage between them.\\nLog into the Sterling B2B Integrator dashboard, and navigate to Trading Partner \\uf0ae AS2  and \\nselect Create New AS2 trading relationship .\\nFor the purpose of this scenario, it is particularly important to select mailboxes as the storage \\ntype of the inbound and outbound AS2 messages. It ensures that we are able to use Sterling File Gateway for routing of the messages after they are received by Sterling B2B Integrator and placed in the proper mailbox.\\nFigure 5-12 shows the configuration screen where the option is presented to select mailboxes \\nto store the AS2 messages.\\nFigure 5-12   Screen to configure mailbox storage of AS2 messages\\n 120 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-13 shows the screen where we can change the mailboxes that are used by Sterling \\nB2B Integrator for storing these messages. When using AS2 messages with Sterling File Gateway, it is best to accept the default locations.\\nFigure 5-13   Selection of the mailboxes for the Relationship\\nTest the AS2 Setup to ensure that it functions correctly\\nAfter the Organization, Partner and Relationship have been created, we can then test the AS2 communications between Sterling B2B Integrator and the trading partner.\\nLogin to the Sterling B2B Integrator dashboard, and navigate to  Trading Partner \\uf0ae AS2 . \\nSelect Search Relationships , and enter the values to search on, which in this case would be \\n“ITSOHealthcare” for the Organization and “ITSORetail” for the Partner. On the Summary screen that is displayed, there is a test icon displayed under the Select heading.\\nFigure 5-14 shows an example of this screen for the Organization and Partner in this \\nscenario.\\n Chapter 5. Health Insurance scenario 121Figure 5-14   Summary screen after searching for Relationship\\nClicking the test icon initiates a communications test with the pa rtner, and confirms that our \\ntrading relationship has been configured correctly and is functioning normally. If any errors are encountered, we must go back and correct them before proceeding to the next step.\\nFigure 5-15 shows an example running this test with the partner. Note that the last step, the \\nreceipt of the MDN, failed. It is an example of a failure that would need to be corrected before the partner could exchange messages.\\nFigure 5-15   Example of the results when testing an AS2 partner configuration\\nThis concludes the setup for Sterling B2B Integrator for AS2 communications. We now move on to Sterling File Gateway.\\nStep 3: Configure Sterling File Gateway for routing\\nTo prepare Sterling File Gateway for this integration scenario, the following tasks must be \\nperformed:\\n/SM590000Configure the Community\\n/SM590000Configure the Partner\\n/SM590000Configure the AS2 Partners Group\\n/SM590000Create the Routing Channel Template for AS2 Inbound\\n/SM590000Create the Routing Channel Template for AS2 Outbound\\n/SM590000Create the Route Channel for AS2 Inbound\\n/SM590000Create the Route Channel for AS2 Outbound\\n 122 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsNext we look at each of these tasks in detail.\\nConfigure the Community\\nThe first step in configuring Sterling File Gateway is to configure the community to be used for \\nthe fictitious ITSOHealthcare Corporation. This community is used as a way of organizing all trading partners into a logical grouping, which can speed up the onboarding process for the partner. In addition, the community can also be used to help define the protocols and methods used by those partners.\\nUse the following procedure to create the community used in this scenario.\\n1. Login to the Sterling File Gateway dashboard.\\n2. Navigate to Participants \\uf0ae Communities .\\n3. Under the Select  menu, select the link to add a new community.\\n4. Enter the name for the community, and select the options for the partner both initiating and \\nlistening for protocol connections. \\nFigure 5-16 shows the community created for “ITSOHealthcase Corporation.”\\nFigure 5-16   Sterling File Gateway Community for ITSOHealthcare Corporation\\nNote that this community is showing a Custom Protocol for WebSphere MQ FTE. There is \\nanother option for configuring this scenari o, which we discuss in more detail later.\\n Chapter 5. Health Insurance scenario 123Configure the AS2 Partner\\nThe configuration of the AS2 Partner, in this case “ITSORetail Corporation,” is done through \\nthe normal Sterling B2B Integrator dashboard, and is described in detail in the previous step.\\nThere are two important considerations when creating this partner:\\n/SM590000Ensure that the partner is configured to use mailbox storage of the AS2 messages to allow \\nSterling File Gateway to route them.\\n/SM590000Ensure that the AS2 partner is using the default mailboxes for the storage of the \\nmessages, which simplifies the configuration of the routing channel template.\\nThere is one additional task that needs to be completed. When an AS2 partner is created, \\nthere is a corresponding user created in Sterling B2B Integrator. This user must be added to the File Gateway Partners Users group.\\n1. Login to the Sterling B2B Integrator dashboard. \\n2. Navigate to Accounts \\uf0ae User Accounts  and search for the user that corresponds to the \\npartner. In this scenario, this would be “ITSORetail.”\\n3. Edit this account, and on the Groups page, add File Gateway Partner Users, and then \\nsave the changes.\\nFigure 5-17 shows this group added for our “ITSORetail” AS2 partner.\\nFigure 5-17   Adding the File Gateway Partner Users group to the AS2 partner user\\nAn important fact to remember is that the AS2 partner must continue to be configured with \\nSterling B2B Integrator, rather than managed in Sterling File Gateway. Hence, any changes to the profile would need to be done from the Sterling B2B Integrator dashboard.\\nConfigure the AS2 Partners group\\nAfter the partner is configured and added to the user group, we create a partner group to assist in organizing AS2 partners in Sterling File Gateway. It is not a required step, particularly in this case with only one AS2 partner, but it can simplify the management of the partners.\\n 124 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsUse the following procedure to configure the AS2 Partners group.\\n1. Login to the Sterling File Gateway dashboard.\\n2. Navigate to Participants \\uf0ae Groups .\\n3. Create a new group named AS2 Partners.4. Select Add Partners, and add the AS2 partner to the group. In this scenario, we are adding \\nthe “ITSORetail” partner to the group “AS2 Partners.”\\nFigure 5-18 shows an example of the group, with the new AS2 Partners group highlighted, \\nand the ITSORetail partner added to the group.\\nFigure 5-18   ITSORetail AS2 partner added to the AS2 Partners group\\nAs noted above, it is not a required step, but it can make managing the partners easier, particularly as the number of partners increases.\\nCreate the Routing Channel Template for AS2 Inbound\\nIn order to route the messages, we need to create two routing channel templates, one for inbound and one for outbound. The routing channel template provides the definition and structure for the routing of files through Sterlin g File Gateway, and it is required before the \\nactual routes can be created. It also controls the protocols and formats for the files, as well as the partners that can participate in the movement of files.\\nA routing channel template can be either static, where the values are defined at creation time \\nand are linked with a particular resource, or dynamic, which allows Sterling FIle Gateway to determine, based on the definition, the consumer for the file. In this scenario, for AS2 transfers, we are creating a static routing channel template, but one that can be used for any AS2 partner.\\nFirst, we create the inbound template. Use the following procedure.\\n1. Login to the Sterling File Gateway dashboard.\\n2. Navigate to Routes\\uf0ae Templates .\\n3. Create a new template named AS2 Inbound.4. Select Static as the type of template, and do not specify any special character handling.\\n5. Select AS2 Partners as the Producer Group, and All Partners as the Consumer Group.\\n6. For the Producer Mailbox Path, enter “/AS2/ITSOHealthcare/${ProducerName}/Inbound”.7. Under Producer File Structures, select Unknown and use ‘.+’ as the regular expression, \\nand no facts are required.\\n Chapter 5. Health Insurance scenario 1258. For the Consumer Mailbox Path, enter “/${ConsumerName}/Inbox”.\\n9. For the Consumer File Structure, select Unknown, with a file name format of \\n${ProducerFilename} .\\nFigure 5-19 shows the routing channel template created for AS2 Inbound.\\nFigure 5-19   Routing Channel Template for AS2 Inbound\\nCreate the Routing Channel Template for AS2 Outbound\\nThe next step is to create a very similar routing channel template, but this time for outbound \\nAS2 messages.\\nWe now create the inbound template. Use the following procedure.\\n1. Login to the Sterling FIle Gateway dashboard.2. Navigate to Routes\\uf0ae Templates .\\n3. Create a new template named AS2 Outbound.\\n4. Select Static as the type of template, and do not specify any special character handling.5. Select All Partners as the Producer Grou p, and AS2 Partners as the Consumer Group.\\n6. For the Producer Mailbox Path, enter /${ProducerName’.\\n 126 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions7. Under Producer File Structures, select Unknown and use ‘.+’ as the regular expression, \\nand no facts are required.\\n8. For the Consumer Mailbox Path, enter \\n“/AS2/ITSOHealthcare/${ProducerName}/Outbound”.\\n9. For the Consumer File Structure, select “Unknown,” with a file name format of \\n${ProducerFilename} .\\nFigure 5-20 shows the routing channel created for AS2 Outbound.\\nFigure 5-20   Routing Channel Template for AS2 Outbound\\nCreate the Route for AS2 Inbound from ITSORetail\\nAfter the templates are created, we must now create an actual route that uses those \\ntemplates to do the actual routing of the files.\\nUse the following procedure to create the inbound route.\\n1. Login to the Sterling File Gateway dashboard.\\n2. Navigate to Routes\\uf0ae Channels .\\n3. Click  Create to create the new Channel.\\n4. For the Routing Channel Template, select the AS2 Inbound template.5. For the Producer, select the AS2 partner, in this case, the ITSORetail AS2 partner created \\nearlier.\\n6. For the Consumer, select any other partner, which does not have to be an AS2 partner.\\n7. For this scenario, we select the same partner, to simplify the configuration in the next step.\\n Chapter 5. Health Insurance scenario 127Figure 5-21 shows the routing channels created in Sterling File Gateway, with the new \\ninbound route for the ITSORetail AS2 partner highlighted.\\nFigure 5-21   Routing Channels with t he ITSORetail inbound channel highlighted\\nCreate the Route for AS2 Outbound to ITSORetail\\nThe final step in the Sterling File Gateway configuration is to configure the route for AS2 \\nOutbound. It is quite similar to the AS2 Inbound Route, but allows a message to be routed back to Sterling B2B Integrator for transmission by AS2 to the partner. We could eventually use this outbound route as a method for returning a message back from the backend application to the trading partner.\\nUse the following procedure to create the outbound route.\\n1. Login to the Sterling File Gateway dashboard.2. Navigate to Routes\\uf0ae Channels .\\n3. Click Create  to create the new Channel.\\n4. For the Routing Channel Template, select the AS2 Outbound template.5. For the Producer, select any partner, which is not required to be an AS2 partner. In this \\ncase, we select ITSORetail, which simplif ies the configuration in the next step.\\n6. For the Consumer, also select the ITSORetail partner, which is the AS2 partner that the \\nmessage will be routed to for transmis sion by Sterling Integrator by AS2.\\nFigure 5-22 shows the routing channels created in Sterling File Gateway, with the new \\noutbound route for the ITSORetail AS2 partner highlighted.\\nFigure 5-22   Routing Channels with t he ITSORetail outbound channel highlighted\\nAs mentioned earlier, this outbound route is not used as part of this scenario, but is left as an \\nexercise for the reader.\\n 128 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsAlternate configuration for Sterling File Gateway using a Custom Protocol\\nAfter the message moves through Sterling File Gateway and is processed by Sterling B2B \\nIntegrator, there are two ways that we could move this message to the WebSphere MQ for additional processing and eventual delivery to the backend application:\\n/SM590000As part of the business process that is called when Sterling B2B Integrator de-envelopes \\nthe message, use the WebSphere Suite Adapters in Sterling B2B Integrator to place the message into the WebSphere MQ queue for the next step of the processing.\\n/SM590000After the message is processed by Sterling B2B Integrator, place it back into a maibox, \\nand define a route that uses a Custom Protocol in Sterling File Gateway to move the message to WebSphere MQ for the next step in processing.\\nIn this scenario, as a way of demonstrating some of the additi onal capabilities of Sterling B2B \\nIntegrator, we are using the first option, and we configure these components in the next step.\\nFor more information about configuring a Custom Protocol for Sterling File Gateway, see the \\ndocumentation for that pr oduct. In particular, the section on “Extending the Capabilities” has a \\ndetailed description of implementing a Custom Protocol, as well as some examples.\\nIn addition, the IBM Redbooks IBM Sterling Managed File Transfer Integration with \\nWebSphere Connectivity for a Multi-Enterprise Solution , SG247927 has a very detailed \\nexample of implementing a Custom Protocol in Chapter 7, “External transfers using IBM WebSphere Message Broker and IBM Sterling File Gateway’.\\nStep 4: Configure message pro cessing in Sterling B2B Integrator\\nNow that Sterling File Gateway has been configured to route the message to the proper \\nlocation, we need to configure Sterling B2B Integrator to process the message and deliver it to the WebSphere MQ queue for the additional processing in WebSphere Message Broker.\\nAs mentioned in the previous section, the final delivery of the message to the queue could \\nalso be accomplished by using the Custom Protocol  functions of Sterling File Gateway. In this \\nscenario, however, we use the Sterling B2B Inte grator to demonstrate it s ability to interact \\nwith WebSphere MQ. Chapter 5. Health Insurance scenario 129In order to accomplish these integrations, we need to complete the following tasks:\\n/SM590000Configure the inbound Envelopes for the trading partner.\\n/SM590000Create a Routing Rule to check the mailbox for a message and execute the initial business \\nprocess.\\n/SM590000Specify the correct maps in the envelopes for the compliance check and for the \\ntransformation to the canonical format.\\n/SM590000Create a Business Process that sends the document to the WebSphere MQ queue when \\ncalled.\\n/SM590000Configure the outbound Envelopes to return the acknowledgement (EDI 999) back to the \\ntrading partner.\\n/SM590000Create and schedule a Business Process to clean up expired mailbox messages.\\nWe now review each of these tasks and the component in detail.\\nConfigure the inbound envelopes for the trading partner\\nIn order to process the message from the trading partner, we need to configure document \\nenvelopes in Sterling B2B Integrator to allow the system to de-envelope the message and pass the resultant document on for the additional processing required.\\nThere are three distinct envelopes that need to be created for this message, which \\ncorrespond to the usual X12 standard:\\n/SM590000ISA-IEA\\n/SM590000GS-GE\\n/SM590000ST -SE\\nFigure 5-23 is the ISA-IEA envelope configured to process our inbound message from the \\ntrading partner. Note that in the envelope configuration, we have simplified this example by using only local (as opposed to global) control numbers, and we have also disabled duplicate and sequence checking. 130 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-23   Inbound ISA-IEA envelope configured for ITSORetail Corporation\\nFigure 5-24 is the GS-GT envelope for this trading partner. Again note that we are using local \\ncontrol numbers rather than global, and we are not doing duplicate or sequence checking for simplicity. Note also in this envelope that we specify to return an acknowledgement to our trading partner, which generates the EDI 999 that we need to return.\\n Chapter 5. Health Insurance scenario 131Figure 5-24   Inbound GS-GT envelope configured for ITSORetail Corporation\\n 132 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-25 is the ST -SE envelope for our message. It is in this envelope that we configure the \\nmaps to be used to check the compliance and to transform the data contained in the message. Again, we are using local control numbers and have disabled duplicate and sequence checking.\\nFigure 5-25   Inbound ST -SE envelope for ITSORetail Corporation\\n Chapter 5. Health Insurance scenario 133Also note that we have disabled the batching of like documents. It allows the system to create \\none document for each claim in the original message, and allows Sterling B2B Integrator to place one message onto the WebSphere MQ queue for each of those documents.\\nCreate a Routing Rule to check the mailbox for a message\\nAfter the message is routed by Sterling F ile Gateway, it is placed in the mailbox \\n/ITSORetail/Inbox . In order to trigger the business process that continue the processing of \\nthe message, we need to create a Routing Rule that can watch this mailb ox, and then initiate \\nthe business process configured in the next section.\\nIn the Sterling Integrator Dashboard, navigate to Deployment \\uf0ae Mailboxes \\uf0ae Routing \\nRules , and then select Create a new Routing Rule .\\nThe Routing Rule should be configured to execute automatically on the mailbox \\n/ITSORetail/Inbox , and it should run the business process named “EDIBootstrap” when it \\nfinds a message in the mailbox. This business process is a default process that is shipped as part of the base installation of Sterling B2B Integrator.\\nFigure 5-26 shows the Configuration screen for the new Routing Rule named \\nITSOHealthcare_Route.\\nFigure 5-26   Routing Rule configuration summary screen\\nWith the Routing Rule configured to be evaluated automatically, it is executed when the scheduled evaluation occurs in Sterling B2B Integrator. Because of the addition of Sterling FIle Gateway, the system evaluates all automatic rules continuously, which ensures that the message is routed almost as soon as it is placed in the mailbox.\\nSpecify the WebSphere Transformation Extender maps in the envelopes\\nWhen the de-enveloping runs in Sterling B2B Integrator, part of the process can include checking the compliance of the message, as well as transforming or translating the message into a different format.\\n 134 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsIn this scenario, we are using a HIPAA EDI 8 37 message, and as part of the processing of \\nthat message, we need to check the compliance to the published standards. If there is any variance from those standards, we need to inform our trading partner by returning an acknowledgement to them which lists the variance. For this, we are using the EDI 999 document type.\\nWhen checking the compliance of the message to the standard, there are various levels that \\nthe compliance can be compared to. In the native Sterling B2B Integrator application, we can check Level 4, 5, and 6 of compliance, but if the user wants to check compliance Level 1, 2, or 3, they can do so by using integration with WebSphere Transformation Extender compliance check, which supports compliance check Levels 1 to 4 out of the box.\\nIn Sterling B2B Integrator, the compliance level is specified in the ST -SE envelope, and is \\ncontrolled by selecting “yes” to the option of “Perform HIPAA compliance check” in the setup of the envelope. When “yes” is selected, the user can then specify the compliance check level.\\nOne final step that is required to enable the use of the WebSphere Transformation Extender \\nmap as the compliance check is to enable its use in the ISA-IEA envelope for the message. The user must select “yes” for the option “Use WTX compliance checking.”\\nAlong similar lines, the user can also call a WebSphere Transformation Extender map to do \\nthe transformation of the data into the canonical format as part of the de-enveloping of the message. After the WebSphere Transformation Extender map is deployed into Sterling B2B Integrator, the user can select it as the map to be called from the ST -SE envelope for the transformation, as it would be for any other map in Sterling B2B Integrator.\\nFor more information about these settings, see the Pack for HIPAA EDI documentation at this \\nwebsite:\\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r4m0/index.jsp?topic=%2Fcom.ibm.\\nwebsphere.dtx.packhealthcareref.doc%2Fconcepts%2Fc_pack_healthcareref_Overview_of_the_Packs_for_Healthc.htm\\nCreate a Business Process to send the document to the WebSphere MQ queue\\nWhen the EDIBootstrap process executes, called by the routing rule set up earlier, it calls the pre-configured EDIDeenvelope service, which in turn then calls the pre-configured X12DeenvelopeUnified business process. This process locates and uses the envelopes configured previously. The ST-SE envelope calls the business process that output the de-enveloped and transformed message to the WebSphere MQ queue for processing by WebSphere Message Broker.\\nBecause we have the batching disabled in the ST -SE envelope, the X12DeenvelopeUnified \\nprocess invokes the defined process for each of the transactions in the original message. In this case, it calls the process we are creating to put each resulting document onto the proper WebSphere MQ queue.Important:  If you are using WebSphere Transformation Extender transformation maps in \\nthe X12 de-envelope service, then you need to use the WebSphere Transformation Extender HIPAA compliance check maps for co mpliance checking regardless of the level. Chapter 5. Health Insurance scenario 135Figure 5-27 is the graphical view of this busine ss process. Note that this process is quite \\nsimple. It basically opens a session and queue, puts the message, and then closes the queue and session.\\nFigure 5-27   ITSOHealthCare_MQSend business process in graphical view\\nFor clarity, this business process does not contain an “on fault” for the process flow. Even \\nthough this business process is quite simple, it is usually a good practice to anticipate \\npotential failure modes and provide a method for resolving them, if possible. We leave the conception and addition of the “on fault” to the reader as an additional exercise.\\nConfigure the outbound Envelopes to return the acknowledgement\\nIn order to return the acknowledgement to the trading partner, we must specify in the GS-GE envelope to generate the acknowledgement, and then we must also configure outbound envelopes for the resultant acknowledgment.\\nIn this scenario, we are returning the X12 standard EDI 999 to acknowledge the receipt of this \\nmessage, and also to report on any compliance errors from the message.\\nSimilar to the envelopes created for the inbound message, we must configure an envelope on \\neach standard level for this EDI 999:\\n/SM590000ISA-IEA\\n/SM590000GS-GE\\n/SM590000ST -SE\\nAs these envelopes are quite similar to those already presented for the inbound portion of the \\nscenario, except of course for outbound rather than inbound, we do not replicate them here.\\nCreate and schedule a Business Process to clean up expired messages\\nSterling B2B Integrator does not come with a pre-configured process that remove mailbox messages that are expired. In order to ensure  that we are removing messages that are no \\nlonger needed, we need to create and schedule a business process that can review the mailboxes used in this scenario, and then delete any messages that are either no longer extractable or expired based on their age.\\nThis business process is much simpler than the prior process, in that it simply reviews the \\nmailboxes in use in this scenario and then de letes any message in the mailbox that is no \\nlonger extractable.\\n 136 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-28 shows the steps of this process.\\nFigure 5-28   Graphical representation of th e business process ITSOHealthcare_MBX_Cleanup\\nIn order to ensure that the mailboxes are kept clean of expired messages, we need to \\nschedule this process to run on a regular interval.\\n Chapter 5. Health Insurance scenario 137Figure 5-29 displays the schedule configuration for this business process.\\nFigure 5-29   Configuration of the schedul e for the process ITSOHealthcare_MBX_Cleanup\\nNote that this schedule is currently set to ex ecute every 8 hours. Because this cleanup is \\nsimply removing messages that are expired, the longer schedule interval should be sufficient.\\nStep 5: Configure WebSphere MQ\\nIn this scenario, we use WebSphere MQ for integration on various infrastructure components. For it to happen, a base connectivity infrastructure should be created. We need to perform the following tasks before any fu rther backend integration:\\n/SM590000Create queue managers.\\n/SM590000Create listener objects on the queue managers.\\n/SM590000Create queue manager clusters.\\n/SM590000Create server connection channels.\\n/SM590000Create queues for application.\\n 138 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsCreate queue managers\\nQueue Managers could be created using the crtmqm  command. Example 5-1 shows the \\nsyntax of this command.\\nExample 5-1   The crtmqm command syntax\\ncrtmqm [-z] [-q] [-c Text] [-d DefXmitQ] [-h MaxHandles]       [-md DataPath] [-g ApplicationGroup] [-ss | -sa | -sax | -si]       [-t TrigInt] [-u DeadQ] [-x MaxUMsgs] [-lp LogPri] [-ls LogSec]       [-lc | -ll] [-lf LogFileSize] [-ld LogPath] QMgrName\\nFor more information about all of the parameters for the crtmqm  command, see this website:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/topic/com.ibm.mq.amqzag.doc/fa\\n15650_.htm\\nESB01 Queue Manager for Backend ESB-01\\nThe command in Example 5-2 is executed on server esb01.itso.ibm.com to create queue \\nmanager ESB01.\\nExample 5-2   Create queue manager ESB01\\n>crtmqm ESB01WebSphere MQ queue manager created.Directory \\'C:\\\\Program Files (x86)\\\\IBM\\\\WebSphere MQ\\\\qmgrs\\\\ESB01\\' created.Creating or replacing default objects for ESB01.Default objects statistics : 68 created. 0 replaced. 0 failed.Completing setup.Setup completed.\\nESB02 Queue Manager for Backend ESB-02\\nThe command in Example 5-3 is executed on server esb02.itso.ibm.com  to create queue \\nmanager ESB02.\\nExample 5-3   Create queue manager ESB02\\n>crtmqm ESB02WebSphere MQ queue manager created.Directory \\'C:\\\\Program Files (x86)\\\\IBM\\\\WebSphere MQ\\\\qmgrs\\\\ESB02\\' created.Creating or replacing default objects for ESB01.Default objects statistics : 68 created. 0 replaced. 0 failed.Completing setup.Setup completed\\nB2B02 Queue Manager for Sterling and ESB integration\\nThe command in Example 5-4 is executed on server b2b02.itso.ibm.com  to create queue \\nmanager B2B02.\\nExample 5-4   Create queue manager B2B02\\n>crtmqm B2B02WebSphere MQ queue manager created.Directory \\'C:\\\\Program Files (x86)\\\\IBM\\\\WebSphere MQ\\\\qmgrs\\\\B2B02\\' created.Creating or replacing default objects for B2B02.Default objects statistics : 68 created. 0 replaced. 0 failed.Setup completed. Chapter 5. Health Insurance scenario 139Figure 5-30 illustrates the WebSphe re MQ topology used for impl ementation in this scenario.\\nFigure 5-30   WebSphere MQ topology\\nNow that all of the queue managers are created, we need to start them using the strmqm  \\ncommand. Example 5-5 shows the syntax of this command.\\nExample 5-5   The syntax of crtmqm command\\nstrmqm [-z] [-a | -c | -r | -x] [-d none|minimal|all] [-f]       [-ns] [-ss | -si] [QMgrName]\\nFor more information about all of the parameters for the strmqm  command, see the following \\nwebsite:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/topic/com.ibm.mq.amqzag.doc/fa\\n16090_.htm\\nThe commands used to start the various queue managers are shown in Example 5-6.\\nExample 5-6   Start queue manager commands\\n>strmqm ESB01\\n>strmqm ESB02>strmqm B2B02\\nCreate listener objects on the queue manager\\nIn this section, we create listener objects on various queue managers. We do this by issuing commands on the WebSphere MQ runmqsc  console. Also, the listeners control is set to be \\nqueue manager, so that listeners start/stop based on the control of the queue manager.\\n 140 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFor more information about defining listeners, see the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv6/v6r0/topic/com.ibm.mq.csqzaj.doc/sc\\n11050_.htm\\nExample 5-7 to Example 5-9 illustrate comma nds to create listene rs on various queue \\nmanagers.\\nExample 5-7   Create listener on the queue manager ESB01\\nDEFINE LISTENER (\\'ESB01.LISTENER\\') TRPTYPE(TCP) IPADDR(\\'esb01.itso.ibm.com\\') PORT(1414) BACKLOG(0) DESCR(\\'ESB01 Queue Manager Listener\\') CONTROL(QMGR) REPLACE\\nExample 5-8   Create listener on the queue manager ESB02\\nDEFINE LISTENER (\\'ESB02.LISTENER\\') TRPTYPE(TCP) IPADDR(\\'esb02.itso.ibm.com\\') PORT(1414) BACKLOG(0) DESCR(\\'ESB02 Queue Manager Listener\\') CONTROL(QMGR) REPLACE\\nExample 5-9   Create listener on the queue manager B2B02\\nDEFINE LISTENER (\\'B2B02.LISTENER\\') TRPTYPE(TCP) IPADDR(\\'b2b02.itso.ibm.com\\') PORT(1414) BACKLOG(0) DESCR(\\'B2B02 Queue Manager Listener\\') CONTROL(QMGR) REPLACE\\nAfter all of the listeners are created, use the command shown in Example 5-10 to start the \\nlisteners from the runmqsc  console.\\nExample 5-10   Start que ue manager listener objects\\nSTART LISTENER(‘listener name’)\\nFor more information about this command, go to the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv6/v6r0/topic/com.ibm.mq.csqzaj.doc/sc\\n13170_.htm\\nConfigure a Queue Manager cluster\\nTo set up message communication between ITSO Healthcare queue manager, the following channels are required:\\n/SM590000Channel from ESB01 to ESB02 and B2B02\\n/SM590000Channel from ESB02 to ESB01 and B2B02\\n/SM590000Channel from B2B0 2 to ESB01 and ESB02\\nIf all of the ITSO Healthcare systems are me mbers of an MQ cluster, WebSphere MQ can \\nmanage the channels automatically. Using an MQ  cluster results in simpler administration \\nand configuration of the MQ network. The benefits of MQ clusters quickly increase as the number of systems grows. Using MQ clusters, the number of channels that must be manually defined is greatly reduced. Chapter 5. Health Insurance scenario 141For scenarios with larger numbers, queue managers using MQ clusters offer even greater \\nadministrative savings. Thus, ITSO Healthcare decides to set up an MQ Cluster ITSO.CLUSTER. The queue managers participating in ITSO.CLUSTER are listed in Table 5-1.\\nTable 5-1   Participating queue manager in wmq cluster ITSO.CLUSTER\\nFigure 5-31 illustrates the cluster channe ls created on thes e queue managers.\\nFigure 5-31   Cluster channels in MQ Cluster ITSO.CLUSTER\\nAlter queue manager definitions to add to the repository\\nOn each queue manager that is to hold a full repository, you need to alter the queue manager \\ndefinition using the ALTER QMGR command and specifying the REPOS attribute. Issue the command shown in Example 5-11 from the runmqsc  console of the queue manager ESB01 \\nand ESB02. These two queue managers are changed to a full repository.\\nExample 5-11   Change queue manager to full repository\\nALTER QMGR REPOS(\\'INVENTORY.CLUSTER\\')Queue Manager Repository\\nESB01 Full Repository\\nESB02 Full Repository\\nB2B02 Partial Repository\\n 142 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsCreate a cluster channel on ESB01\\nCreate a cluster receiver and cluster sender channel on the full repository queue manager \\nESB01. Example 5-12 shows the commands  used to create  these channels.\\nExample 5-12   Clust er channel on ESB01\\nDEFINE CHANNEL (TO.ESB01) CHLTYPE (CLUSRCVR) TRPTYPE (TCP) CONNAME \\n(\\'esb01.itso.ibm.com(1414)\\') CLUSTER (ITSO.CLUSTER) REPLACE\\nDEFINE CHANNEL (TO.ESB02) CHLTYPE (CLUSSDR) TRPTYPE (TCP) CONNAME \\n(\\'esb02.itso.ibm.com(1414)\\') CLUSTER (ITSO.CLUSTER) REPLACE\\nCreate a cluster channel on ESB02\\nCreate a cluster receiver and cluster sender channel on the full repository queue manager ESB02. Example 5-13 shows the commands  used to create  these channels.\\nExample 5-13   Clust er channel on ESB02\\nDEFINE CHANNEL (TO.ESB02) CHLTYPE (CLUSRCVR) TRPTYPE (TCP) CONNAME \\n(\\'esb02.itso.ibm.com(1414)\\') CLUSTER (ITSO.CLUSTER) REPLACE\\nDEFINE CHANNEL (TO.ESB01) CHLTYPE (CLUSSDR) TRPTYPE (TCP) CONNAME \\n(\\'esb01.itso.ibm.com(1414)\\') CLUSTER (ITSO.CLUSTER) REPLACE\\nCreate a cluster channel on B2B02\\nCreate a cluster receiver and cluster sender channel on the partial repository queue manager B2B02. Example 5-14 shows the commands used to create these channels.\\nExample 5-14   Cluster channel on B2B02\\nDEFINE CHANNEL (TO.B2B02) CHLTYPE (CLUSRCVR) TRPTYPE (TCP) CONNAME (\\'b2b02.itso.ibm.com(1414)\\') CLUSTER (ITSO.CLUSTER) REPLACE\\nDEFINE CHANNEL (TO.ESB01) CHLTYPE (CLUSSDR) TRPTYPE (TCP) CONNAME \\n(\\'esb01.itso.ibm.com(1414)\\') CLUSTER (ITSO.CLUSTER) REPLACE\\nQueue managers are added to the repository and channels are created between the cluster \\ncomponents. Now we can also manage this cluster from WMQ explorer. Use the following procedure.\\n1. On the server esbo1.itso.ibm.com, select Start\\uf0ae\\uf020Programs \\uf0ae IBM WebSphere MQ \\uf0ae \\nWebSphere MQ Explorer , and click  WebSphere MQ Explorer  to launch the Eclipse GUI.\\n2. In the Navigator view of WebSphere MQ Explorer, expand Queue Manager Cluster \\uf0ae \\nITSO.CLUSTER .  Chapter 5. Health Insurance scenario 1433. Figure 5-32 shows the participating queue managers in MQ cluster ITSO.CLUSTER.\\nFigure 5-32   Cluster admin istration from WMQ explorer\\nFor more information about WebSphere MQ clusters, go to the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv6/v6r0/topic/com.ibm.mq.csqzah.doc/qc\\n10120_.htm\\nCreate a server connection channel\\nMQI channels are used by applications in client mode (rather than bindings mode) to connect to queue managers. MQI channels are bidirectional; they carry WebSphere MQ API calls, (for example, “GET a message from queue XYZ”) from the application to the queue manager. They also carry responses to those calls from the queue manager back to the application.\\nSterling B2B Integrator uses server connection channel to connect B2B02 queue manager. \\nExample 5-15 shows the command to be used from the runmqsc  console to create the server \\nconnection channel B2B.HEALTH.SFG  on queue manager B2B02.\\nExample 5-15   Create server connection channel\\nDEFINE CHANNEL(\\'B2B.HEALTH.SFG\\') CHLTYPE(SVRCONN) REPLACE\\nCreate queues for applications\\nYou must first define the cluste r queues on the queue manager, which will be accessible from \\nany queue manager in the cluster. Example 5-16 shows the command to be executed from the runmqsc  console of queue ma nager ESB01 and ESB02. \\nAfter executing this command, a cluster queue HEALTH.B2B.ESB.REQUEST.QC is created \\non ESB01 and ESB02. This queue is used for ac cepting incoming mess ages from HIPAA 837 \\nmessage from Sterling B2B Integrator and later messages are processed by the backend ESB message flow.\\nExample 5-16   Cluster queue for accepting HIPAA 837 message\\nDEFINE QLOCAL (HEALTH.B2B.ESB.REQUEST.QC) DEFBIND (NOTFIXED) CLWLUSEQ (ANY) CLUSTER (ITSO.CLUSTER) REPLACE\\n 144 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsExample 5-17 shows the command to define local queue HEALTH.B2B.ESB.BACKEND.QL \\non queue manager ESB01 and ESB02 for sending messages to backend application in canonical format. \\nExample 5-17   Local queue for sending messages to backend application\\nDEFINE QLOCAL (HEALTH.B2B.ESB.BACKEND.QL) REPLACE\\nIt is a good practice to define alias queues for c lients, instead of providing details of physical \\ncluster and local queues on the queue manager. We define alias queues to be used by Sterling B2B integrator, WebSphere Message Broker and the backend application.\\nExample 5-18 shows the command to define alias queue HEALTH.B2B.ESB.RQEQUEST. \\nSterling B2B integrator uses this queue to send HIPAA 837 messages. This alias queue, in turn, sends messages to target cluster queue HEALTH.B2B.ESB.REQUEST.QC on queue manager ESB0 1 and ESB02.\\nExample 5-18   Alias queues on queue manager B2B02\\nDEFINE QALIAS (HEALTH.B2B.ESB.REQUEST) CLUSTER (ITSO.CLUSTER) DEFBIND(NOTFIXED) \\nTARGQ (HEALTH.B2B.ESB.REQUEST.QC) REPLACE\\nExample 5-19 illustrates creation of alia s queue HEALTH.B2B.ESB.BACKEND in queue \\nmanager ESB01, this queue is defined for putting messages from target local queue HEALTH.B2B.ESB.BACKEND.QL. \\nExample 5-19   Alias queues on queue manager ESB01\\nDEFINE QALIAS (HEALTH.B2B.ESB.BACKEND)TARGQ (HEALTH.B2B.ESB.BACKEND.QL) REPLACE\\nExample 5-20 illustrates creation of alia s queue HEALTH.B2B.ESB.BACKEND in queue \\nmanager ESB02, this queue is defined for putting messages from target local queue HEALTH.B2B.ESB.BACKEND.QL.\\nExample 5-20   Alias queues on queue manager ESB02\\nDEFINE QALIAS (HEALTH.B2B.ESB.BACKEND)TARGQ (HEALTH.B2B.ESB.BACKEND.QL) REPLACE\\nTo learn more about local queues, go to the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/topic/com.ibm.mq.amqzag.doc/fa\\n11220_.htm\\nTo learn more about clustered queues and queue manager, go to the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/topic/com.ibm.mq.csqzah.doc/qc\\n10680_.htm\\nTo learn more about alias queues, go to the following websites:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/topic/com.ibm.mq.csqzal.doc/fg\\n10990_.htm\\nhttp://publib.boulder.ibm.com/infocenter/wmqv7/v7r0/topic/com.ibm.mq.amqzag.doc/fa\\n11330_.htm\\nWith queues created to be used by Sterling B2B Integrator, WebSphere Message Broker, and \\nbackend application the WebSphere MQ, the configuration steps are complete. Chapter 5. Health Insurance scenario 145Step 6: Configure WebSphere Transformation Extender\\nAs stated in the introduction to this book, it is assumed that any WebSphere Transformation \\nExtender component that is needed has already been installed. For any scenario using WebSphere Transformation Extender, the Design Studio must be installed on a development platform in order to create the maps needed for translation. In this scenario, WebSphere Transformation Extender for Integration Servers and the WebSphere Transformation Extender Industry Pack for Health Care have also been installed on the development platform, as well as the server that will host We bSphere Message Broker flows.\\nFor this scenario, two translation maps are needed, one to transform the incoming HIPAA \\n837P message into canonical form, and a second to transform the canonical message into the target format. In addition to these transformations, the compliance check map system that ships with the health care industry pack is used to perform compliance checking and generate the HIPAA 999 acknowledgment using the Sterling B2B Integrator de-envelope service. \\nThe compliance check map system that ships with the industry pack allows for compliance \\nchecking from level 1 compliance through level 7 compliance. For this scenario, we chose to use level 4 compliance checking. For details on how to set the compliance level in the \\ncompliance check map, and how to configure the Sterling B2B Integrator and WebSphere Transformation Extender to perform HIPAA compliance check, see the documentation that ships with the industry pack and the help menu in the Design Studio.\\nHIPAA 837P to canonical xml\\nThe map used for translating the HIPAA 837P message to the canonical form is composed of \\none input card and two output cards, as shown in Figure 5-33 on page 146. This map is deployed to the Sterling B2B Integrator to make it available for use within the WTXMap service.\\nThe input card is defined using a trimmed tree from the health care pack, as shown in \\nFigure 5-34 on page 146 for the input card definition and Figure 5-35 on page 147 for the type tree. The type tree is customized based on the instructions in chapter 15 of the documentation shipped with the industry pack.\\nThe first output card is defined using the canonical form xsd. Figure 5-36 on page 148 shows \\nthe output card definition. The second output card is defined using a type tree that consists of a blob item that has been nested inside layers of groups to mimic the envelope structure of the canonical xml. This was done to facilitate the process of splitting individual claims into separate xml interchanges. Figure 5-37 on page 149 shows the definition of output card 2.\\nIn the case of a compliant mess age, the canonical form of the message, split into a single xml \\ninterchange per claim, is passed back to the business process. A reference to each singleton xml claim is put into ProcessData. The busine ss process then passes each singleton xml \\nclaim to the broker flow for further processing. In the case of a non-compliant message processing terminates. In either case Sterling B2B Integrator returns the 999 acknowledgement to the trading partner.\\nTip: The WebSphere Transformation Extender map rule function “PUT” with the adapter \\nalias “WIRE” is used to split the xml into singleton claims. Usage of this function is \\ndescribed in Chapter 4, “Routing and transforming messages” on page 69, as shown in Example 4-3 on page 98.  146 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-33   HIPAA_837p_5010_toxml_SglClm.mms\\nFigure 5-34   Input card definition\\n Chapter 5. Health Insurance scenario 147Figure 5-35   Trimmed HIPAA type tree\\n 148 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-36   Output Card 1\\n Chapter 5. Health Insurance scenario 149Figure 5-37   Output Card 2\\nCanonical to backend format\\nThe map used for translating the canonical message to the backend format is composed of \\none input card and one output card, as shown in Figure 5-38 on page 150. Because the purpose of this map is to convert the canonical message created in the map described in the section “HIPAA 837P to canonical xml” on page 145, the input card for this map is defined exactly as the output card 1 of the HIPAA 837P to canonical xml map was defined, using the same xml schema definition file. Figure 5-39 on page 151 shows the card definition. \\nOne of the things to notice is that the “Document Verification” attribute is set to “Well Formed \\n(Xerces Only). It is because we do not need to validate the xml against the actual schema, because the xml was created internally. We only need to verify that the xml is well formed.\\n 150 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-38   Canonical xml to backend format map\\n Chapter 5. Health Insurance scenario 151Figure 5-39   Input card for canonical to backend map\\nThe output card is defined by a custom type tree. In many cases, for similar scenarios, the \\nbackend format can be imported using one of the type importers described in Chapter 4, “Routing and transforming messages” on page 69 in Part 1 of this book, such as from a COBOL copybook. In our example, the format was given to us in a type specification document and the type tree was created by hand. \\nThe output card definition is shown in Figure 5-40 on page 152 and the type tree we built is \\nshown in Figure 5-41 on page 153. The result of executing this map is the canonical xml is translated into the delimited record format required by the backend application, as shown in Example 5-31 on page 175.\\n 152 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-40   Output card definition\\n Chapter 5. Health Insurance scenario 153Figure 5-41   Type tree for backend format\\nStep 7: Configure W ebSphere Message Broker\\nIn this scenario, we use WebSphere Message Broker to transform and route incoming HIPAA \\nmessages arriving from Sterling B2B Integrator. Message flows deployed on WebSphere Message Broker read HIPAA 837 XML messages on the WebSphere MQ queue, and later transform and put incoming messages into legacy format for the backend application. \\nWe use the following steps to configure WebSphere Message Broker for this scenario:\\n/SM590000Create a broker\\n/SM590000Create execution group on broker\\n/SM590000Create and configure message flow\\n/SM590000Deploy message flow\\n 154 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsCreate a Broker\\nA Message Broker can be created using the mqsicreatebroker  command. Example 5-21 \\nshows the syntax of  this command.\\nExample 5-21   The mqsicreatebroker command syntax\\nmqsicreatebroker brokerName -i serviceUserId -a servicePassword -q \\nqueueManagerName [-g configurationChangeTimeout] [-k internalConfigurationTimeout] [-w workPath] [-e sharedWorkpath] [-l userLilPath] [-t] [-m] [-v statisticsMajorInterval][-P httpListenerPort] [-c icuConverterPath] [-y ldapPrincipal -z ldapCredentials] [-x userExitPath] [-o operationMode] [-s adminSecurity] [-d MQService]\\nTo learn more about all parameters for the mqsicreatebroker command, see the following \\nwebsite:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/topic/com.ibm.etools.mft.d\\noc/an07080_.htm\\nESB01 broker for backend ESB-01\\nThe command in Example 5-22 is executed on server esb01.itso.ibm.com  to create broker \\nESB01.\\nExample 5-22   Create broker ESB01\\nmqsicreatebroker ESB01 -i <username> -a <password> -q ESB01\\nESB02 broker for backend ESB-02\\nThe command in Example 5-23 is executed on server esb02.itso.ibm.com  to create broker \\nESB02.\\nExample 5-23   Create broker on ESB02\\nmqsicreatebroker ESB02 -i <username> -a <password> -q ESB02 Chapter 5. Health Insurance scenario 155Figure 5-42 shows the WebSphere Message Broker topology used for the implementation of \\nthe Healthcare scenario.\\nFigure 5-42   WebSphere Message Broker topology\\nNow that all of the brokers are created, we start them by using the mqsistart  command, as \\nshown in Example 5-24.\\nExample 5-24   The syntax for mqsistart command\\nmqsistart <brokerName>\\nTo learn more about the mqsistart  command, go to the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/topic/com.ibm.etools.mft.d\\noc/an07230_.htm\\nThe commands used to start various brokers are shown in Example 5-25.\\nExample 5-25   Start broker commands\\n>mqsistart ESB01\\n>mqsistart ESB02\\nCreate an execution group on the broker\\nIn this section, we create execution groups on various brokers by issuing the mqsicreateexecutiongroup  command. An execution group is a named grouping of message \\nflows that have been assigned to a broker. The broker enforces a degree of isolation between message flows in distinct execution groups by ensuring that they run in separate address spaces, or as unique processes.\\n 156 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsAn execution group process is also known as a DataFlowEngine (DFE); this term is typically \\nused in problem determination scenarios (trace contents, diagnostic messages, and so on). A DFE is created as an operating system process, and has a one-to-one relationship with the named execution group. If more than one message flow runs within an execution group, multiple threads are created within the DFE process.\\nExample 5-26 shows the syntax for the mqsicreateexecutiongroup  command.\\nExample 5-26   The syntax for mqsicreateexecutiongroup command\\nmqsicreateexecutiongroup brokerSpec -e egName [-w timeoutSecs] [-v traceFileName]\\nTo learn more about the mqsicreateexecutiongroup  command, go to the following website:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/topic/com.ibm.etools.mft.d\\noc/an26000_.htm\\nWe create the execution group ITSOHealth on brokers ESB01 and ESB02. Example 5-27 \\nand Example 5-28 shows the commands to be executed on the brokers.\\nExample 5-27   Create execution group ITSOHealth on ESB01\\n>mqsicreateexecutiongroup ESB01 -e ITSOHealth\\nExample 5-28   Create execution group ITSOHealth on ESB02\\n>mqsicreateexecutiongroup ESB02 -e ITSOHealth\\nFigure 5-43 shows the execution group ITSOHealth created on Broker ESB01.\\nFigure 5-43   Execution gro up ITSOHealth on broker ESB01\\nCreate and configure a message flow\\nWe start by creating a new application, but before that, we launch the WebSphere Message \\nBroker v8.0.0.0 toolkit, as described in the following procedure.\\n1. On the server esbo1.itso.ibm.com , select Start\\uf0ae\\uf020All Programs \\uf0ae IBM WebSphere \\nMessage Broker toolkit \\uf0ae and click WebSphere Message Broker toolkit 8.0  to launch \\nthe Eclipse GUI.\\n2. In the workspace wizard, enter the workspace location and click OK.\\n3. After the workspace is launched, close the Welcome  tab and enter in “Broker application \\ndevelopment perspective.”\\n Chapter 5. Health Insurance scenario 1574. Figure 5-44 illustrates the broker development vi ew in the top left co rner of the Broker \\napplication development  perspective. Click New Application to open a new application \\nwizard.\\nFigure 5-44   Create new message broker application project\\n5. Figure 5-45 shows the New Application wizard. Enter the application name as \\n“HealthCareESB” and then click Finish .\\nFigure 5-45   Create new application\\n 158 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions6. Figure 5-46 shows the new message broker application project Heal thCareESB created in \\nthe broker development view. Click New\\uf0ae Message Flow .\\nFigure 5-46   Create new message flow\\n Chapter 5. Health Insurance scenario 1597. Figure 5-47 shows the New Message Flow creation wizard. Enter the message flow name \\n“HIPAA837” and then click Finish .\\nFigure 5-47   Create HIPAA837 message flow for SI and backend integration\\n8. Figure 5-48 shows the message flow editor for message flow HIPAA837. We now proceed \\nby dragging and dropping the nodes in Table 5-2.\\nFigure 5-48   Create HIPAA837 message flow functionality\\n 160 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsTable 5-2 lists the node types to be dragged from the pallet and then renamed to the \\ncorresponding node name in the message flow editor area.\\nTable 5-2   Nodes in message flow HIPAA837\\nTable 5-3 shows the terminals used to connect the nodes listed in Table 5-2.\\nTable 5-3   Connection between nodes\\n9. After the nodes are renamed and connected using the details mentioned in Table 5-2 and \\nTable 5-3, the connected nodes message flow should look similar to Figure 5-49.\\nFigure 5-49   Connected nodes in message flow HIPAA837\\n10.Configure the properties of the nodes as shown in Table 5-4.\\nTable 5-4   Node propertiesNode name Node type\\nHIPAA837IN MQInput Node\\nXML To Legacy WTX NodeHEALTH_BACKEND MQOutput Node\\nSource node Output terminal Destination node Input terminal\\nHIPAA837IN Out XML To Legacy in\\nXML To Legacy out1 v in\\nNode name Property name Property value\\nHIPAA837IN Queue name HEALTH.B2B.ESB.REQUEST\\nXML To Legacy Local compiled map <external path to map>/837Canonical_toLegacy.mmc\\nMap server location <external path to map>/837Canonical_toLegacy.mmcInput card 1Output card 1\\nHEALTH_BACKEND Queue name\\nHEALTH.B2B.ESB.BACKEND Chapter 5. Health Insurance scenario 161Save the flow, and proceed to create the broker archive (BAR) file for deployment.\\nMap properties: The message flow derives the WTX map properties from different \\nsources, and does the search for the properties in the order listed:\\n1. Run time:/SM590000Source: LocalEnvironment\\n/SM590000Override the map server location and input card to wire map properties at run time in \\nthe LocalEnvironment.\\n/SM590000For information about how the LocalEnvironment works, see the related topics in the \\nWebSphere Message Broker product documentation that is published on the WebSphere Message Broker Library Web page: http://www.ibm.com/software/integration/wbimessagebroker/library\\n2. Deploy time:\\n/SM590000Source: broker archive (bar) file\\n/SM590000Override the cache map, map name, map server location, and input card to wire map \\nproperties at deploy time in the bar file using the Configure tab of the Properties view, which is under the Manage tab in the Broker Archive editor.\\n3. Design time:\\n/SM590000Source: WTX Map node\\n/SM590000Override the map and card properties at design time in the Map Settings tab of the \\nWTX Map node.\\nAt run time, override the following map properties by using the WebSphere Message \\nBroker LocalEnvironment tree from a prior node in the message flow, such as a Compute node, which can change the LocalEnvironment to override parameters in the tree that is passed to the WTX Map node:\\ndynamicMap property:\\nLocalEnvironment tree path:  LocalEnvironment.WTX.DynamicMap\\nPurpose: Y ou can override a WebSphere Transformation Extender map by populating the \\nWebSphere Message Broker local environment tree with the binary data of a compiled map, stored, for example, in WebSphere Service Registry and Repository (WSRR). \\nResult:  When a compiled map is stored in WSRR, you can use a node such as the \\nWebSphere Message Broker Compute node, Java Compute node, or RegistryLookup node to populate the local environment tree with the binary data of the compiled map. A compiled map in the local environment tree overrides both a dynamic path to a map in the local environment tree\\nMapServerLocation property\\nLocalEnvironment tree path:  LocalEnvironment.WTX.MapServerLocation\\nPurpose:  To run the compiled map located in a different location than the location \\nconfigured on the WTX Map node.\\nResult:  WebSphere Message Broker overrides the map server location with the location \\nyou specified in the LocalEnvironment tree, and the WTX Map node runs the map from this location instead. 162 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsDeploy a message flow\\nPrior to deployment, a broker archive (BAR) file should be created to compile the message \\nflow. Use the following procedure.\\n1. Create a new BAR file as shown in Figure 5-50.\\nFigure 5-50   Create new BAR fileNote continued:  (WTX map properties)\\nCardNumberToWire propertyLocalEnvironment tree path: LocalEnvironment.WTX.InputCardNumberToWire\\nPurpose: To specify which input card of the map should be wired.\\nResult:  The specified map input card receives its data from the prior node in the message \\nflow.\\n Chapter 5. Health Insurance scenario 1632. The New BAR file wizard open s. Enter the BAR file name as “HealthCareESB” and click \\nFinish. Figure 5-51  shows the New BAR file wizard.\\nFigure 5-51   New BAR file wizard\\n3. After the BAR file is created, it opens in the BAR file editor , as shown in Figure 5-52. Click \\nthe Prepare  tab in this editor and se lect the HealthCareESB application to be compiled in \\nthis BAR file.\\nFigure 5-52   Select application in BAR file editor\\n 164 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions4. Figure 5-53 shows how to build the BAR file. Click the Manage  tab and then click the \\nRebuild  button. If there are no compilation errors, the BAR file is built. Save the BAR file \\nbefore deployment.\\nFigure 5-53   Build the BAR \\n5. After the BAR file is  created, deploy it on broker ESB01 on esb01.itso.ibm.com  and \\nESB02 on esb02.itso.ibm.com . Drag and drop the BAR file on execution group \\nHealthCareESB on broker ESB0 1. Figure 5-54 shows the app lication deployed on the \\nexecution group. Transfer the BAR file to esb02.itso.ibm.com  and deploy it on broker \\nESB02. \\nFigure 5-54   Message flow deployed on execution group ITSOHealth\\nThe next main step is to perfor m the complete integration testing.\\n Chapter 5. Health Insurance scenario 1655.5  Testing the scenario\\nNow that the various applications are configured properly, it is time to test the integration of \\nthese systems. We need to track the message from the receipt at Sterling Secure Proxy \\nthrough to the eventual delivery as the output from WebSphere Message Broker to the backend system.\\nIn order to demonstrate this integration scenario, we track the delivery, receipt, and \\nprocessing of a single Health  Care Claim (HIPAA EDI 837) as it moves through the system. \\nWe view the original message, as received from the trading partner, and then we review the intermediate documents that are prepared by the various transformations. We end with the final document delivered to the backend application. We also briefly look at the acknowledgement (EDI 999) that is returned to the trading partner to confirm receipt of the message and detail any compliance errors.\\n5.5.1  Original message\\nThe process is initiated by our fictitious trading partner, ITSORetail Corporation, creating a Health Care Claim (HIPAA EDI 837 ) request on behalf of a client. This request is formatted \\nproperly, and is then transmitted by the AS2 protocol by the public Internet, until it finally connects to our Sterling Secure Proxy engine in the DMZ.\\nExample 5-29 is the example message we are using in this test.\\nExample 5-29   Example HIPAA EDI 837 message\\nISA*00*          *00*          *ZZ*HEALTHCARE_DEV *ZZ*HEALTHCARE_PS  \\n*070612*1041*^*00501*000000001*0*T*:GS*HC*DEVELOPMENT*PROFSERV*20070612*1041*42*X*005010X222A1ST*837*1323*005010X222A1BHT*0019*00*244579*20061015*1023*CHNM1*41*2*PREMIER BILLING SERVICE*****46*TGJ23PER*IC*JERRY JAMES*TE*3055552222*EX*231NM1*40*2*KEY INSURANCE COMPANY*****46*66783JJTHL*1**20*1PRV*BI*PXC*203BF0100YNM1*85*2*BEN SANGFORD SERVICE*****XX*9876543210N3*234 SEAWAY STN4*MIAMI*FL*33111REF*EI*587654321NM1*87*2N3*2345 OCEAN BLVDN4*MAIMI*FL*33111HL*2*1*22*1SBR*P**2222-SJ******CINM1*IL*1*SMITH*JANE****MI*JS00111223333NM1*PR*2*KEY INSURANCE COMPANY*****XV*999996666N4*MAIMI*FL*33111REF*FY*KA6663HL*3*2*23*0PAT*19NM1*QC*1*LARKINS*THEODOREN3*236 N MAIN STN4*MIAMI*FL*33413DMG*D8*19730501*M 166 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsCLM*26463774*100***11:B:1*Y*A*Y*I\\nREF*D9*17312345600006351HI*BK:0340*BF:V7389LX*1SV1*HC:99213*40*UN*1***1DTP*472*D8*20061003LX*2SV1*HC:87070*15*UN*1***1DTP*472*D8*20061003LX*3SV1*HC:99214*35*UN*1***2DTP*472*D8*20061010LX*4SV1*HC:86663*10*UN*1***2DTP*472*D8*20061010SE*42*1323ST*837*1324*005010X222A1BHT*0019*00*0123*19981015*1023*RPNM1*41*1*PREMIER*BILLING SERVICE****46*TGJ23PER*IC*BRENT RICE*TE*3055552222*EX*231PER*IC*TERRY SPANGLER*TE*3055552222*EX*231NM1*40*2*REPRICER SERVICES INC*****46*66783JJTHL*1**20*1PRV*BI*PXC*207Q00000XCUR*85*CADNM1*85*1*PREMIER BILLING SERVICEN3*234 SEAWAY STN4*TAMPA*FL*33111REF*SY*888555222NM1*87*2N3*2345 OCEAN BLVDN4*MIAMI*FL*33111HL*2*1*22*0SBR*P*18*12312A******HMPAT*****D8*19970314NM1*IL*1*OWENS*TED****MI*000221111N3*236 N MAIN STN4*MIAMI*FL*33413DMG*D8*19430501*MNM1*PR*2*ALLIANCE HEALTH AND LIFE INSURANCE*****XV*741234N4*KANSAS CITY*MO*64108CLM*26462967*100***11:B:1*Y*A*Y*Y*P*EMDTP*431*D8*19981003DTP*439*D8*20070106PWK*03*BM***AC*DMN0012PWK*04*EL***AC*DMN0012PWK*05*EM***AC*DMN0012PWK*06*FX***AC*DMN0012PWK*07*FT***AC*DMN0012PWK*08*AAPWK*09*AAPWK*11*AAPWK*13*AAPWK*15*AAREF*D9*17312345600006351 Chapter 5. Health Insurance scenario 167NTE*ADD*NOTE TEST\\nHI*BK:0340*BF:V7389NM1*82*1*KILDARE*BEN****XX*112233334PRV*PE*PXC*203BF0100YNM1*77*2*ABC CLINIC*****XX*581234567N3*2345 OCEAN BLVDN4*MIAMI*FL*33111LX*1SV1*HC:99213*40*UN*1***1PWK*BT*BM***AC*DMN0012PWK*CB*EL***AC*DMN0012PWK*CK*EM***AC*DMN0012PWK*CT*FX***AC*DMN0012PWK*D2*FT***AC*DMN0012PWK*DA*AAPWK*DB*AAPWK*DG*AAPWK*DJ*AAPWK*DS*AADTP*472*D8*19981003LX*2SV1*HC:99214*15*UN*1***1PWK*03*BM***AC*DMN0012PWK*04*EL***AC*DMN0012PWK*05*EM***AC*DMN0012PWK*06*FX***AC*DMN0012PWK*07*FT***AC*DMN0012PWK*08*AAPWK*09*AAPWK*11*AAPWK*13*AAPWK*15*AADTP*472*D8*19981003LX*3SV1*HC:87072*35*UN*1***2PWK*21*BM***AC*DMN0012PWK*A3*EL***AC*DMN0012PWK*A4*EM***AC*DMN0012PWK*AM*FX***AC*DMN0012PWK*AS*FT***AC*DMN0012PWK*B2*AAPWK*B3*AAPWK*B4*AAPWK*BR*AAPWK*BS*AADTP*472*D8*19981003LX*4SV1*HC:86663*10*UN*1***2PWK*EB*BM***AC*DMN0012PWK*HC*EL***AC*DMN0012PWK*HR*EM***AC*DMN0012PWK*I5*FX***AC*DMN0012PWK*IR*FT***AC*DMN0012PWK*LA*AAPWK*M1*AA 168 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsPWK*MT*AA\\nPWK*NN*AAPWK*OB*AADTP*472*D8*19981010SE*99*1324GE*2*42IEA*1*000000001\\n5.5.2  Delivery to Sterling File Ga teway and routing of the message\\nSterling Secure Proxy confirms the identification of the sender, and if correct, then it routes \\nthe message to our Sterling B2B Integrator for processing by the standard AS2 business processes.\\nSterling B2B Integrator receives an HTTP POST message on the URI defined for inbound AS \\ncommunications, and this in turn initiate s the EDIIntParse business process, which \\ninterrogates the message and retrieves the required values from the configured AS2 Partner profile by several sub-processes.\\nAfter Sterling B2B Integrator confirms the values and the message, it then deposits this \\nmessage in the /AS2/ITSOHealthcare/ITSORetail/Inbound  mailbox for Sterling File Gateway \\nto route. It also sends a properly formatted MDN back to the partner, by Sterling Secure Proxy, to indicate successful receipt of the inbound message.\\nBecause Sterling File Gateway has a Routing Rule that runs on all defined producer \\nmailboxes continuously, the message placed in the /AS2/ITSOHealthcare/ITSORetail/Inbound  mailbox is seen and routed to the \\n/ITSORetail/Inbox  almost immediately upon arrival.\\nFigure 5-55 on page 168 shows the routed message (highlighted) with some of the details of \\nthe route also displayed.\\nFigure 5-55   Successful route of the HIP AA EDI 837 message in Sterling File Gateway\\n Chapter 5. Health Insurance scenario 169As mentioned previously, Sterling File Gateway places the message in the mailbox \\n/ITSORetail/Inbox , which prepares it for the next proc essing step, which will now proceed in \\nSterling B2B Integrator.\\n5.5.3  Processing of the message in Sterling B2B Integrator\\nFigure 5-56 shows the mailbox /ITSORetail/Inbox  prior to the next step in the processing of \\nthe message.\\nFigure 5-56   Mail /ITSORetail/Inbox prior to the Routing Rule running\\nBecause of the routing rule configured to watch this mailbox, the system detects the message after it is placed in the mailbox and then trigger the business process EDIInboundBootstrap.\\nThis business process extracts the message from the /ITSORetail/Inbox  mailbox and then, \\nas part of the process, invoke the EDIDee nvelope business process, which is another \\nprocess that is shipped as a standard part of Sterling B2B Integrator.\\n 170 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-57 shows the steps of a successful execution of the business process.\\nFigure 5-57   Successful execution of EDIInboundBootstrap\\nThis service then invokes the X12Deenvelop eUnified business process, which does the \\nactual de-enveloping of the message, and the compliance check and initial transformation to the canonical format.\\n Chapter 5. Health Insurance scenario 171Figure 5-58 is the successful execution of the X12DeenvelopeUnified business process, \\nwhich in turn invokes the next process in the chain.\\nFigure 5-58   Successful execution of X12DeenvelopeUnified\\nThe X12DeenvelopeUnified business process co mpletes the de-enveloping of the message, \\ngenerates the acknowledgement, and finally triggers the last business process in the chain, which will finally send the messa ge on to the WebSphere MQ queue for further processing.\\n 172 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 5-59 shows successful execution of the business process ITSOHealthCare_MQSend, \\nwhich completes this portion of the test.\\nFigure 5-59   Successful execution to move the message to the WebSphere MQ queue\\n5.5.4  Processing of the mess age in WebSphere Message Broker\\nAfter the broker picks the inbound 837 message up from the queue, it then routes the \\nmessage to a WTX map node and converts the XML message in backend legacy format. Example 5-30 illustrates the incoming XML me ssage which will be transformed in legacy \\nformat, as shown in Example 5-31 on page 175.\\nExample 5-30   Excerpt of the canonical xml after transformation from HIPAA 837\\n<CMS_837P_5010A1_XML><Interchange><ISA><Record_Identifier_84><Loop_Id></Loop_Id><Loop_Seq_Num></Loop_Seq_Num><Segment_Id>ISA</Segment_Id><Segment_Seq_Num>1</Segment_Seq_Num></Record_Identifier_84><AUTH_INFO_QUAL>00</AUTH_INFO_QUAL><AUTH_INFO></AUTH_INFO>\\n Chapter 5. Health Insurance scenario 173<SEC_INFO_QUAL>00</SEC_INFO_QUAL>\\n<SEC_INFO></SEC_INFO><INTRCHG_ID_QUAL>ZZ</INTRCHG_ID_QUAL><INTRCHG_SENDR_ID>HEALTHCARE_DEV</INTRCHG_SENDR_ID><INTRCHG_ID_QUAL2>ZZ</INTRCHG_ID_QUAL2><INTRCHG_RECVR_ID>HEALTHCARE_PS</INTRCHG_RECVR_ID><INTRCHG_DATE>2007-06-12T00:00:00</INTRCHG_DATE><INTRCHG_TIME>10:41:00</INTRCHG_TIME><REPITION_SEPARATOR>^</REPITION_SEPARATOR><INTRCHG_CTRL_VERS_NO>00501</INTRCHG_CTRL_VERS_NO><INTRCHG_CTRL_NO_286>1</INTRCHG_CTRL_NO_286><ACK_REQ>0</ACK_REQ><USAGE_IND>T</USAGE_IND><COMP_ELE_SEP>:</COMP_ELE_SEP></ISA><Functional_Group><GS><Record_Identifier_84><Loop_Id></Loop_Id><Loop_Seq_Num></Loop_Seq_Num><Segment_Id>GS</Segment_Id><Segment_Seq_Num>1</Segment_Seq_Num></Record_Identifier_84><FUNCT_ID_CD>HC</FUNCT_ID_CD><APP_SENDR_CD>DEVELOPMENT</APP_SENDR_CD><APP_RECVR_CD>PROFSERV</APP_RECVR_CD><FUNCTIONAL_GROUP_DATE>2007-06-12T00:00:00</FUNCTIONAL_GROUP_DATE><FUNCTIONAL_GROUP_TIME>10:41:00</FUNCTIONAL_GROUP_TIME><GRP_CTRL_NO_272>42</GRP_CTRL_NO_272><RESP_AGENCY_CD>X</RESP_AGENCY_CD><VERS_ID_CD>005010X222A1</VERS_ID_CD></GS><DATE_TRANSMISSION_RECEIPT><Record_Identifier_84><Loop_Id></Loop_Id><Loop_Seq_Num></Loop_Seq_Num><Segment_Id>DTP</Segment_Id><Segment_Seq_Num>1</Segment_Seq_Num></Record_Identifier_84><DATE_TIME_QUAL_202>+RC</DATE_TIME_QUAL_202><DATE_TIME_PERIOD_FORMAT_QUAL_201>D8</DATE_TIME_PERIOD_FORMAT_QUAL_201><TRANSMISSION_RECEIPT_DATE>2007-06-12T00:00:00</TRANSMISSION_RECEIPT_DATE></DATE_TRANSMISSION_RECEIPT><CLAIM_SOURCE_INDICATOR><Record_Identifier_84><Loop_Id></Loop_Id><Loop_Seq_Num></Loop_Seq_Num><Segment_Id>REF</Segment_Id> 174 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions<Segment_Seq_Num>1</Segment_Seq_Num>\\n</Record_Identifier_84><REF_ID_QUAL_354>+PR</REF_ID_QUAL_354><CLAIM_SOURCE_INDICATOR>O</CLAIM_SOURCE_INDICATOR></CLAIM_SOURCE_INDICATOR><Transaction_Set><ST><Record_Identifier_84><Loop_Id></Loop_Id><Loop_Seq_Num></Loop_Seq_Num><Segment_Id>ST</Segment_Id><Segment_Seq_Num>1</Segment_Seq_Num></Record_Identifier_84><TRANS_SET_ID_CD>837</TRANS_SET_ID_CD><TRANS_SET_CTRL_NO_385>1323</TRANS_SET_CTRL_NO_385><IMPL_GUIDE_VERSION_NAME>005010X222A1</IMPL_GUIDE_VERSION_NAME></ST>...</Service_Line></Claim_424></Subscriber_HL></Provider_HL><SE><Record_Identifier_84><Loop_Id></Loop_Id><Loop_Seq_Num></Loop_Seq_Num><Segment_Id>SE</Segment_Id><Segment_Seq_Num>1</Segment_Seq_Num></Record_Identifier_84><TRANS_SEGMENT_COUNT>99</TRANS_SEGMENT_COUNT><TRANS_SET_CTRL_NO_385>1324</TRANS_SET_CTRL_NO_385></SE></Transaction_Set><GE><Record_Identifier_84><Loop_Id></Loop_Id><Loop_Seq_Num></Loop_Seq_Num><Segment_Id>GE</Segment_Id><Segment_Seq_Num>1</Segment_Seq_Num></Record_Identifier_84><NO_OF_TRANS_SETS_INCLUDED>2</NO_OF_TRANS_SETS_INCLUDED><GRP_CTRL_NO_272>42</GRP_CTRL_NO_272></GE></Functional_Group><IEA><Record_Identifier_84><Loop_Id> Chapter 5. Health Insurance scenario 175</Loop_Id>\\n<Loop_Seq_Num></Loop_Seq_Num><Segment_Id>IEA</Segment_Id><Segment_Seq_Num>1</Segment_Seq_Num></Record_Identifier_84><NO_OF_INCLUDED_FUNCT_GRPS>1</NO_OF_INCLUDED_FUNCT_GRPS><INTRCHG_CTRL_NO_286>1</INTRCHG_CTRL_NO_286></IEA></Interchange></CMS_837P_5010A1_XML>\\nAfter the broker receives the canonical structure back from the map, it then routes the \\ncanonical message to the appropriate target. In this scenario, there is only one targeted backend application for the canonical message, but in real world scenarios, there could be other backend systems and services that also use the canonical message as input.\\n5.5.5  Final message delivery to backend application\\nExample 5-31 on page 175 shows the result of transforming the canonical xml message into the target backend format. In this scenario, the target format is a message containing fixed length header and detail records. \\nExample 5-31   Target backend format\\n201201161222548590000000000000000001|42|1323|9876543210|JS00111223333|JS00111223333|1|P||||OPEN|A|ZZ|HEALTHCARE_DEV|ZZ|HEALTHCARE_PS|2007-06-12|10:41:00|00501||100|4|TGJ23|||26463774|999996666||||||||||||||||1|0340201201161222550150000000000000000001|42|1324||000221111|000221111|1|P||||OPEN|A|ZZ|HEALTHCARE_DEV|ZZ|HEALTHCARE_PS|2007-06-12|10:41:00|00501|112233334|100|4|TGJ23|||26462967|741234||||1|XX|112233334||||KILDARE||||||1|0340\\nAfter the message is successfully delivered to our backend application, the scenario ends \\nwith the understanding that additional processing needs to occur in our backend application on the message.\\n5.5.6  Delivery of the acknowledgement to the trading partner\\nAs part of the de-enveloping of the HIPAA EDI 837 message in 5.5.3, “Processing of the message in Sterling B2B Integrator” on page 169, one of the steps in the X12DeenvelopeUnified process was to create an acknowledgement for the message.\\nIn this scenario, we return an EDI 999 message to the trading partner. The EDI 999 works \\nmuch like the more common EDI 997, but also details any compliance errors that are discovered in the original message.\\nWhen the de-envelope runs, it invokes the process EDIEnvelopeUnified, which uses the \\ndefined envelopes to prepare the EDI 999 message for transmission back to the trading partner. As part of this enveloping, it also deposits the message into the /ITSORetail  mailbox, \\nand from there, Sterling File Gateway routes the resulting message, by AS2, to the trading partner. 176 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsExample 5-32 is the example EDI 999 that is returned to our trading partner when processing \\nthe example HIPAA EDI 837 message.\\nExample 5-32   Example EDI 999 message.\\nISA*00*          *01*          *ZZ*HEALTHCARE_PS  *ZZ*HEALTHCARE_DEV *120118*1051*^*00501*000000007*0*T*:~GS*FA*DEVELOPMENT*PROFSERV*20120118*1051*17*X*005010~ST*999*0001~AK1*HC*42*005010X222A1~AK9*E*2*2*2~SE*4*0001~GE*1*17~IEA*1*000000007~\\n5.6  Conclusion\\nThis scenario demonstrates the integration of several IBM products into what appears to be, at first glance, a fairly simple inbound flow of messages, with a corresponding return message to our partner if the message is not compliant.\\nHowever, even this simple flow can dramatically reduce the processing time and resources \\nneeded to deal with the messages in question. By automating this processing, we can improve overall throughput and reduce wait times on the trading partner’s end, while also taking advantage of streamlined processing and reduced workloads on the staff of the company implementing this solution.\\nThis scenario is only one possible use of the interaction of the systems in question, and could \\nbe expanded upon to deal with any number of different requirements for the quick processing of messages between two trading partners.\\nIn particular, the integration of these various systems could provide an example to a company \\nthat only has part of these systems currently deployed. This scenario shows the simplicity of connecting these systems into an  integrated whole, and as ment ioned, this scenario can be \\nexpanded upon to deal with messages of nearly any type. © Copyright IBM Corp. 2012. All rights reserved. 177Chapter 6. Financial Services scenario\\nThis chapter provides a sample scenario involving two companies: a company acting as a \\nseller, another playing the role of the buyer, and a financial institution, a bank. The bank acts as an intermediary and processes the payment on behalf of the buyer and also responds back to the seller to acknowledge that the payment has been processed correctly. \\nThe seller sends an invoice in a proprietary flat file to the buyer, then the buyer receives and \\ntransforms the document into XML format and routes it to the bank. The bank processes the file internally to accomplish the payment and then sends a copy of the XML file back to the seller as an acknowledgement of the payment received. See also Figure 6-4 on page 181.\\nWe assume that the bank internal processing of the payment is accomplished by an existing \\ninternal processing system. So our scenario demonstrates the file routing and transformation within a circular flow that starts from the seller,  goes to the buyer, and from here to the bank. \\nThe process ends when the bank delivers an acknowledgement file back to the seller. \\nA second scenario in this chapter extends the above scenario to demonstrate the integration \\nof Sterling B2B Integrator with WebSphere Message Broker. \\nThis chapter includes the following sections:\\n/SM5900006.1, “Business value” on page 178\\n/SM5900006.2, “Prerequisites: Technical and infrastructure” on page 178\\n/SM5900006.3, “Presenting the Financial Services scenario” on page 181\\n/SM5900006.4, “Configuring the scenario” on page 185\\n/SM5900006.5, “Testing the scenario” on page 235\\n/SM5900006.6, “Extended scenario” on page 238\\n/SM5900006.7, “Conclusion” on page 2596\\nTip: If you want to implement the scenario presented in this chapter in your own \\nenvironment, you can download the Project Interc hange file for the applications used in this \\nscenario from the ITSO FTP site. For download instructions, see Appendix A, “Additional material” on page 333. 178 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions6.1  Business value\\nIBM provides comprehensive integration solutions that help you optimize your dynamic \\nbusiness network. Implementing this Financia l scenario leads to the following business \\nvalues: \\n/SM590000Improve business agility  by securely and flexibly integr ating with any partner, any system, \\nanywhere. It is crucial to making vital connections with customers, suppliers, and others in your B2B community.\\n/SM590000\\nImprove operational efficiency  by seamlessly automating manual business and IT \\nprocesses inside and outside your enterprise. Thus it saves you staff, time, and money, which can be used to grow your business in other key areas.\\n/SM590000\\nImprove business performance  by providing visibility into actionable information across \\nyour key business and IT processes.\\n/SM590000Empower data movement  by providing assured file delivery with  visibility, control, and \\ngovernance for all data movement.\\n6.2  Prerequisites: Technical and infrastructure\\nY ou need to meet the following prerequisites in order to understand and implement this scenario.\\n6.2.1  Software prerequisites\\nThe implementation of this scenario is based on the following products that therefore need to be installed in order to implement this solution:\\n/SM590000IBM Sterling B2B Integrator version 5.2.3\\n/SM590000IBM Sterling File Gateway version 2.2.3\\n/SM590000IBM Sterling Connect:Direct version 4.6\\n/SM590000IBM Sterling Connect:Direct File Agent version 1.4\\n/SM590000IBM Sterling Secure Proxy version 3.4\\n/SM590000IBM Sterling Control Center version 5.3\\n/SM590000IBM WebSphere Transformation Extender Design Studio version 8.4\\n/SM590000IBM WebSphere Transformation Extender for Integration Servers version 8.4 Chapter 6. Financial Services scenario 179Figure 6-1 illustrates the configur ation details for the environment used in the buyer network \\nfor this scenario.\\nFigure 6-1   Buyer system configuration\\nFigure 6-2 illustrates the configuration details fo r the environment used in the seller company \\nfor this scenario.\\nFigure 6-2   Seller system configurationBuyer\\nsystem configuration\\nServer 2\\nsi01.itso.ibm.com\\nIBM Sterling B2B\\nIntegrator \\nIBM Sterling File\\nGateway\\nServer 1\\nssp01.itso.ibm.com\\nIBM Sterling\\nSecure Proxy\\nServer 3\\nscc01.itso.ibm.com\\nIBM Sterling\\nControl Center\\nDMZ Secure\\nSeller\\nsystem configuration\\nServer\\ncd01.itso.ibm.com\\nIBM Sterling Connect:Direct 180 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-3 illustrates the configur ation details for the environmen t used in the bank for this \\nscenario.\\nFigure 6-3   Bank system configuration\\n6.2.2  Skills prerequisites\\nIn order to fully implement and understand this scenario, we as sume that you are familiar with \\nthe following activities:\\n/SM590000Installing and configuring IBM Sterling Secu re Proxy to communicate with Sterling B2B \\nIntegrator, Sterling File Gateway, and Sterling Connect:Direct.\\n/SM590000Installing and configuring IBM Sterling File  Gateway to receive, handle, and route \\nmessages.\\n/SM590000Installing and configuring IBM St erling Connect:Direct and its F ile Agent to send, receive, \\nand automatically route messages.\\n/SM590000Installing and configuring IBM St erling B2B Integrator  to receive, handle, translate, and \\nsend messages.\\n/SM590000Installing and configuring IBM WebSphere Tran sformation Extender Design Studio V8.4. \\nThis map design tool is used to develop the map used to translate and transform data to \\nthe desired format.\\n/SM590000Installing and configuring IBM WebSphere Tr ansformation Extender for Integration \\nServers V8.4. It is the runtime engine that allows execution of the WebSphere Transformation Extender map on Sterling B2B Integrator.\\nBank\\nsystem configuration\\nServer\\ncd02.itso.ibm.com ALIAS fa01.itso.ibm.com\\nIBM Sterling Connect:Direct\\nIBM Sterling File Agent Chapter 6. Financial Services scenario 1816.3  Presenting the Financial Services scenario\\nThis section provides an overview of the data flow for the scenario described in Figure 6-4. \\nFigure 6-4   Payment Process\\nFor this particular scenario, we are implementing a sample flow that can be described by the \\nfollowing steps: \\n1. The seller sends an invoice in a flat file to the buyer by http protocol using the web \\ninterface IBM Sterling myFileGateway. The file is uploaded to a dedicated seller mailbox on the Sterling File Gateway server installed at the buyer side, and the connection is secured through Sterling Se cure Proxy (Figure 6-5). \\nFigure 6-5   myFileGateway file upload\\n 182 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions2. The buyer receives the invoice on the seller mailbox, and kicks off a Business Process. It \\ngenerates and sends the payment to the bank in XML format using the WTX Map service first for generating the XML file, and then the Co nnect:Direct protocol to send it to the bank \\n(Figure 6-6). \\nFigure 6-6   Business Process with WTX Map service\\n3. The bank receives the payment on its Connect:Direct server, then processes it on their \\nlegacy systems and sends a copy of the XML file to the selle r by Connect:Direct as an \\nacknowledgement of the payment received. The latter is automated by mean of the File Agent, which is monitoring the Connect:Dir ect directory where the file comes in, \\nand kicks off a Connect:Direct process to send the acknowledgement to the seller. See Figure 6-7 and Figure 6-8. \\n Chapter 6. Financial Services scenario 183Figure 6-7   Connect:Direct bank’s node: CDNODE\\nFigure 6-8   IBM Sterling Connect:Direct File Agent\\n 184 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions4. The buyer has a Control Center instance to monitor all of the communications \\n(Figure 6-9).\\nFigure 6-9   IBM Sterling Control Center\\n6.3.1  Alternate scenarios\\nIn step 2 on page 182, we described the use of the WTX Map service for the translation. The WTX Map service requires you to install WebSphere Transformation Extender V8.4 on the same machine as the Sterling B2B Integrator V5.2.3 Server, and configure the Sterling B2B Integrator PATH and CLASSPATH to point to your WebSphere Transformation Extender installation.\\nIt is a very interesting point that shows how Sterling B2B Integrator integrates with \\nWebSphere Transformation Extender seamlessly and effectively. \\nHowever, Sterling B2B Integrator includes a number of embedded translation services such \\nas the proprietary Translation service. So of course it is also possible to modify the scenario described in 6.3, “Presenting the Financial Services scenario” on page 181, and for instance, to use the embedded Translation service instead of the WTX Map service as depicted in Figure 6-10.Tip: We are demonstrating only a single invoice transaction flow in this section. In most \\ncases, a real financial service scenario contains multiple transactions that represent a full conversation. For example, a buyer sends a purchase order. The seller can respond with an advanced shipping notice and an invoice that is related to the order that was received, then a delivery notice after the payment, and so on.\\n Chapter 6. Financial Services scenario 185Figure 6-10   Business Process with Translation service\\nThis map shows another interesting aspect of the integration between Sterling B2B Integrator \\nand WebSphere Transformation Extender. The same map used to translate the document by the WTX Map service is reusable to perform the transformation through the embedded Translation Service.\\n6.4  Configuring the scenario\\nThis section illustrates the insta llation parameters for the pro ducts needed to implement this \\nscenario (listed in 6.2.1, “Software prerequisites” on page 178) and their configurations.\\n6.4.1  Installing and configuring the IBM Sterling B2B Integrator\\nTable 6-1 shows the parameters used to install the product on a Windows server in the secure zone of the buyer company network.\\nTable 6-1   IBM Sterling B2B Integrator installation parameters Tip: WTX Map service provides more flex ibility with the WebSp here Transformation \\nExtender maps. For example, the WTX Map service supports multiple inputs and/or outputs, but the Translation service does not.\\nParameter name Value\\nInstallation Directory C:\\\\IBM\\\\SIJDK directory C:\\\\Program Files\\\\Java\\\\jdk1.6.0_26\\nJCE jar file C:\\\\Users\\\\IBM_ADMIN\\\\Desktop\\\\unrestricted.zip\\nInstall jar C:\\\\Users\\\\IBM_ADMIN\\\\Desktop\\\\SI_5020300.jarIP address localhost\\nInitial port 8080 186 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsSpecial considerations\\nThe following considerations apply:\\n/SM590000The installation directory is the location where SI needs to be installed. Make sure that no \\nspace is given in the folder location.The installation assumes the presence of a DB2 database for Sterling B2B Integrator. If you do not have DB2 installed, follow the procedures in the DB2 Installation Manual  at this website:\\nhttp://public.dhe.ibm.com/ps/products/db2/info/vr97/pdf/en_US/DB2InstallingServ\\ners-db2ise972.pdf\\n/SM590000During the pre-installation phase of Sterling B2B Integrator, a DB connectivity test is \\nrequired. Note that it is mandatory and, un less completed successfully, the installation \\ndoes not start.\\nFigure 6-11   DB2 Error messagePassphrase *********\\nE-Mail address administrator@mail.itso.ibm.comSMTP Mail Server localhostDatabase Vendor DB2\\nDatabase user name si\\nDatabase password *********Database catalog name SI52\\nDatabase host db2.itso.ibm.com\\nDatabase port 50000Database driver C:\\\\db2jcc.jar\\nC:\\\\db2jcc_license_cu.jar\\nImportant:  The installation script creates tables and indexes. Certain tables require a \\npage size of 32K. Y ou must have a table space to accommodate such tables on DB2. If you \\ndon not create a table space on DB2, you get the installation failure shown in Figure 6-11.Parameter name Value\\n Chapter 6. Financial Services scenario 187Before installing the pr oduct on your environm ent, for more informat ion, check the Sterling \\nB2B Integrator 5.2.3 documentation with special attention to the “System Requirements” section and the Installation Guide  available at this website:\\nhttp://help.sterlingcommerce.com/SB2BI52/index.jsp\\nConfiguring IBM Ster ling B2B Integrator\\nWe need to implement a Sterling B2B Integrator Business Process to extract the message \\nfrom the mailbox to which the seller uploads the invoice, then to translate the message into \\nXML and route it to the bank by the Connect:Direct protocol. Optionally, a copy of the same XML content can be sent as a message to a WebSphere MQ queue manager for further processing in the buyer enterprise service bus. It is discussed in more detail as a possible extension of the Financial Services scenario in 6.6, “Extended scenario” on page 238.\\nIn order to use the Connect:Direct services in Sterling B2B Integrator, we need to configure a \\nConnect:Direct Server Adapter instance first, which in its turn requires to configure the Nodes, to define a Netmap and the Netmap Cross Reference.\\nFigure 6-12 and Figure 6-13 illustra te the configurations for t he Nodes, the Netmap, and the \\nNetmap Cross Reference used for the subsequent Connect:Direct Server Adapter configuration.\\nFigure 6-12   Connect:Direct nodes\\n 188 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-13   Connect:Direct Netmap\\nFigure 6-14   Connect:Direct Netmap Cross Reference\\n Chapter 6. Financial Services scenario 189Table 6-2 illustrates the parameters used for the Connect:Direct Server Adapter \\nConfiguration. It includes th e parameters used to config ure the nodes illustrated in \\nFigure 6-12 on page 187. \\nTable 6-2   Sterling B2B Integrator Con nect:Direct Server Adapter node: CDBUYERSI\\nService settings\\nService Type Sterling Connect:Direct Server Adapter\\nDescription CDBUYERSI\\nSystem Name CDBUYERSIGroup Name None\\nSterling Connect:Direct Server Node Name CDBUYERSI\\nSterling Connect:Direct Perimeter Services \\nOptionnode1 & local\\nSterling Connect:Direct Server Port 1366 \\nFirewall Ports None provided \\nMax locally initiated (pnode) sessions allowed 5\\nMax remotely initiated (snode) sessions allowed 5Document Storage File System\\nNetMap Check No\\nBuffer-size for Copy 32768 Number of short-term session retry attempts 5\\nInterval between short-term session attempts \\n(seconds)5\\nNumber of long-term se ssion retry attempts 5\\nInterval between long-term session attempts \\n(minutes)1\\nRetry Remote File Allocation Errors No\\nMax Session Establishment Timeout value in \\nSeconds600\\nMax Socket Read Timeout value in Seconds 90\\nServer Start Option Warm\\nRunTask Business Proce ss Name None provided\\nRunJob Business Process Name None provided\\nMax Run Task Forwarding Timeout value in \\nSeconds300\\nMax Run Job Forwarding Timeout value in \\nSeconds30\\nEncryption using Secure+ Disabled \\nEnable Netmap Node Override Yes 190 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsThe Business Process shown in Example 6-1 is an example of implementation that uses the \\nWTX Map service for the communication.\\nExample 6-1   Business Pr ocess with WTX Map service\\nDescription: Version 1.0\\nBusiness Process Definition:\\n<process name = \"FinancialScenarioBPWTXVersion\"> \\n  <sequence name=\"Sequence Start\">    <operation name=\"Mailbox Extract Begin Service\">      <participant name=\"MailboxExtractBegin\"/>      <output message=\"MailboxExtractBeginServiceTypeInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"CommitNow\">Yes</assign>        <assign to=\"MessageId\" from=\"/ProcessData/RoutingRequest/RoutingRequest/MessageId[last()]/text() \"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WTX Map\">\\n      <participant name=\"WTXMapService\"/>      <output message=\"WTXMapServiceTypeInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"MapName\">WTXDemo</assign>        <assign to=\"in1\">//PrimaryDocument</assign>        <assign to=\"out1\">//PrimaryDocument</assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>Sterling Connect:Direct Server Netmap NETMAPBUYERSI\\nNumber of Nodes in Netmap 2Connect:Direct Server Node Name: CDBANK\\nHost: 9.42.170.223\\nPort: 1364\\nMax Pnode sessions: 5Max Snode sessions: 5\\nAlternate Comm Info:\\nSecure+ Option: disabledCipher Suites: none\\nConnect:Direct Server Node Name: CDBUYERSI\\nHost: 9.42.170.226\\nPort: 1366\\nMax Pnode sessions: 5Max Snode sessions: 5\\nAlternate Comm Info:\\nSecure+ Option: disabledCipher Suites: noneService settings Chapter 6. Financial Services scenario 191      </input>\\n    </operation>\\n    <operation name=\"CD Server Begin Session Service\">\\n      <participant name=\"CDServerBeginSession\"/>      <output message=\"CDServerBeginSessionServiceTypeInputMessage\">        <assign to=\"LocalCDNodeName\">CDBUYERSI</assign>        <assign to=\"ProcessName\">SNDTOCD</assign>        <assign to=\"RemoteCDNodeName\">CDBANK</assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"CD Server CopyTo Service\">\\n      <participant name=\"CDServerCopyTo\"/>      <output message=\"CDServerCopyToServiceTypeInputMessage\">        <assign to=\"RemoteFileName\">c:\\\\CDBANKCOMM\\\\CDBUYERIN\\\\bankCheck.xml</assign>        <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"CD Server End Session Service\">\\n      <participant name=\"CDServerEndSession\"/>      <output message=\"CDServerEndSessionServiceTypeInputMessage\">        <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <onFault>\\n      <sequence name=\"Sequence Start\">        <assign name=\"Assign\" to=\"OnFaultError\">En error occurred in the sequence</assign>        <operation name=\"CD Server End Session Service\">          <participant name=\"CDServerEndSession\"/>          <output message=\"CDServerEndSessionServiceTypeInputMessage\">            <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>            <assign to=\".\" from=\"*\"></assign>          </output>          <input message=\"inmsg\">            <assign to=\".\" from=\"*\"></assign>          </input>        </operation> 192 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions      </sequence>\\n    </onFault>  </sequence></process>\\nAs discussed in section 6.3.1, “Alternate scenarios” on page 184, it is also possible to use the \\nTranslation Service for the translation step as shown in the Business Process in Example 6-2. \\nExample 6-2   Business Process with Translation Service\\nDescription: Version 1.0Business Process Definition:\\n<process name = \"FinancialScenarioBPTranServVersion\"> \\n  <sequence name=\"Sequence Start\">    <operation name=\"Mailbox Extract Begin Service\">      <participant name=\"MailboxExtractBegin\"/>      <output message=\"MailboxExtractBeginServiceTypeInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"CommitNow\">Yes</assign>        <assign to=\"MessageId\" from=\"/ProcessData/RoutingRequest/RoutingRequest/MessageId[last()]/text() \"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"Translation Using WTX Map\">\\n      <participant name=\"Translation\"/>      <output message=\"TranslationTypeInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"map_name\">WTXDemo</assign>        <assign to=\"output_report_to_process_data\">Yes</assign>\\n        <assign to=\"output_to_process_data\">No</assign>\\n      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"CD Server Begin Session Service\">\\n      <participant name=\"CDServerBeginSession\"/>      <output message=\"CDServerBeginSessionServiceTypeInputMessage\">        <assign to=\"LocalCDNodeName\">CDBUYERSI</assign>        <assign to=\"ProcessName\">SNDTOCD</assign>        <assign to=\"RemoteCDNodeName\">CDBANK</assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"CD Server CopyTo Service\"> Chapter 6. Financial Services scenario 193      <participant name=\"CDServerCopyTo\"/>\\n      <output message=\"CDServerCopyToServiceTypeInputMessage\">        <assign to=\"RemoteFileName\">c:\\\\CDBANKCOMM\\\\CDBUYERIN\\\\bankCheck.xml</assign>        <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"CD Server End Session Service\">\\n      <participant name=\"CDServerEndSession\"/>      <output message=\"CDServerEndSessionServiceTypeInputMessage\">        <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <onFault>\\n      <sequence name=\"Sequence Start\">        <assign name=\"Assign\" to=\"OnFaultError\">En error occurred in the sequence</assign>        <operation name=\"CD Server End Session Service\">          <participant name=\"CDServerEndSession\"/>          <output message=\"CDServerEndSessionServiceTypeInputMessage\">            <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>            <assign to=\".\" from=\"*\"></assign>          </output>          <input message=\"inmsg\">            <assign to=\".\" from=\"*\"></assign>          </input>        </operation>\\n      </sequence>\\n    </onFault>  </sequence></process>\\nThe third Business Process example shown in Example 6-3 shows how a copy of the same \\nXML content for the bank can be also sent as a message to a WebSphere MQ queue manager for further processing in the Buyer enterprise service bus as described in 6.6, “Extended scenario” on page 238. 194 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsExample 6-3   Business Process with MQ communication\\nDescription: Version 1.2\\nBusiness Process Definition:\\n<process name = \"FinancialScenarioBPWTXInvokeExtension\"> \\n  <sequence name=\"Sequence Start\">    <operation name=\"Mailbox Extract Begin Service\">      <participant name=\"MailboxExtractBegin\"/>      <output message=\"MailboxExtractBeginServiceTypeInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"CommitNow\">Yes</assign>        <assign to=\"MessageId\" from=\"/ProcessData/RoutingRequest/RoutingRequest/MessageId[last()]/text() \"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WTX Map\">\\n      <participant name=\"WTXMapService\"/>      <output message=\"WTXMapServiceTypeInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"MapName\">WTXDemo</assign>        <assign to=\"in1\">//PrimaryDocument</assign>        <assign to=\"out1\">//PrimaryDocument</assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"Invoke Business Process Service\">\\n      <participant name=\"InvokeBusinessProcessService\"/>\\n      <output message=\"InvokeBusinessProcessServiceTypeInputMessage\">\\n        <assign to=\".\" from=\"*\"></assign>        <assign to=\"INVOKE_MODE\">INLINE</assign>        <assign to=\"WFD_NAME\">FinancialScenarioMQExtension</assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <sequence name=\"CDSequence\">\\n      <operation name=\"CD Server Begin Session Service\">        <participant name=\"CDServerBeginSession\"/>        <output message=\"CDServerBeginSessionServiceTypeInputMessage\">          <assign to=\"LocalCDNodeName\">CDBUYERSI</assign>          <assign to=\"ProcessName\">SNDTOCD</assign>          <assign to=\"RemoteCDNodeName\">CDBANK</assign>          <assign to=\".\" from=\"*\"></assign>        </output>        <input message=\"inmsg\"> Chapter 6. Financial Services scenario 195          <assign to=\".\" from=\"*\"></assign>\\n        </input>      </operation>\\n      <operation name=\"CD Server CopyTo Service\">\\n        <participant name=\"CDServerCopyTo\"/>        <output message=\"CDServerCopyToServiceTypeInputMessage\">          <assign to=\"RemoteFileName\">c:\\\\CDBANKCOMM\\\\CDBUYERIN\\\\bankCheck.xml</assign>          <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>          <assign to=\".\" from=\"*\"></assign>        </output>        <input message=\"inmsg\">          <assign to=\".\" from=\"*\"></assign>        </input>      </operation>\\n      <operation name=\"CD Server End Session Service\">\\n        <participant name=\"CDServerEndSession\"/>        <output message=\"CDServerEndSessionServiceTypeInputMessage\">          <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>          <assign to=\".\" from=\"*\"></assign>        </output>        <input message=\"inmsg\">          <assign to=\".\" from=\"*\"></assign>        </input>      </operation>\\n      <onFault>\\n        <sequence name=\"Sequence Start\">          <assign name=\"Assign\" to=\"OnFaultError\">En error occurred in the sequence</assign>          <operation name=\"CD Server End Session Service\">            <participant name=\"CDServerEndSession\"/>            <output message=\"CDServerEndSessionServiceTypeInputMessage\">              <assign to=\"SessionToken\" from=\"SessionToken/SessionId/text()\"></assign>              <assign to=\".\" from=\"*\"></assign>            </output>            <input message=\"inmsg\">              <assign to=\".\" from=\"*\"></assign>            </input>          </operation>\\n        </sequence>\\n      </onFault>    </sequence>    <onFault>      <assign to=\"Error\">Error on First Sequence</assign>    </onFault>  </sequence></process> 196 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsExample 6-4 shows the Business Process invoked by the Business Process in Example 6-3 \\non page 194 for the actual communication with the WebSphere MQ queue manager. \\nExample 6-4   Business Process invoked for the actual MQ communication\\nDescription: Version 1.0Business Process Definition:\\n<process name = \"FinancialScenarioMQExtension\"> \\n  <sequence name=\"PutFileInMQ\">    <operation name=\"WSMQ Open Session\">      <participant name=\"WSMQ_OpenSession\"/>      <output message=\"WSMQOpenSessionInputMessage\">        <assign to=\"wsmq_channel\">B2B.FINANCE.SBI</assign>        <assign to=\"wsmq_hostname\">9.42.170.226</assign>        <assign to=\"wsmq_port\">1414</assign>        <assign to=\"wsmq_qmanager\">B2B02</assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WSMQ Open Queue\">\\n      <participant name=\"WSMQ_OpenQueue\"/>      <output message=\"WSMQOpenQueueInputMessage\">        <assign to=\"wsmq_MQOO_type\">PUT</assign>        <assign to=\"wsmq_qname\">FINANCE.B2B.ESB.REQUEST</assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WSMQ Put Message\">\\n      <participant name=\"WSMQ_PutMessage\"/>      <output message=\"WSMQPutMessageInputMessage\">        <assign to=\"wsmq_MQMD_expiry\">0</assign>        <assign to=\"wsmq_MQMD_msgType\">DATAGRAM</assign>        <assign to=\"wsmq_qname\">FINANCE.B2B.ESB.REQUEST</assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WebSphereMQ Suite Commit\">\\n      <participant name=\"WSMQ_Commit\"/>      <output message=\"WSMQCommitInputMessage\">        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign> Chapter 6. Financial Services scenario 197      </input>\\n    </operation>\\n    <operation name=\"WSMQ Close Queue\">\\n      <participant name=\"WSMQ_CloseQueue\"/>      <output message=\"WSMQCloseQueueInputMessage\">        <assign to=\"wsmq_qname\">FINANCE.B2B.ESB.REQUEST</assign>        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WSMQ Close Session\">\\n      <participant name=\"WSMQ_CloseSession\"/>      <output message=\"WSMQCloseSessionInputMessage\">        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <onFault>\\n      <sequence>        <operation name=\"WebSphereMQ Suite Close Queue\">          <participant name=\"WSMQ_CloseQueue\"/>          <output message=\"WSMQCloseQueueInputMessage\">            <assign to=\".\" from=\"*\"></assign>            <assign to=\"wsmq_qname\">FINANCE.B2B.ESB.REQUEST</assign>          </output>          <input message=\"inmsg\">            <assign to=\".\" from=\"*\"></assign>          </input>        </operation>\\n        <operation name=\"WebSphereMQ Suite Close Session\">\\n          <participant name=\"WSMQ_CloseSession\"/>          <output message=\"WSMQCloseSessionInputMessage\">            <assign to=\".\" from=\"*\"></assign>          </output>          <input message=\"inmsg\">            <assign to=\".\" from=\"*\"></assign>          </input>        </operation>\\n      </sequence>\\n    </onFault>  </sequence></process> 198 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions6.4.2  Installing and configuring the IBM Sterling File Gateway\\nThis section describes the installation and the configuration of Sterling File Gateway at the \\nBuyer company as it is required to allow th e Seller company to send the invoice to Buyer \\nusing myFileGatway. \\nSterling File Gateway 2.2.3 requires Sterling B2B Integrator 5.2.3, so the following installation \\nsteps assume that you have already installed Sterling B2B Integrator 5.2.3.\\nInstallation procedure\\nFollow these steps:\\n1. Stop Sterling B2B Integrator 5.2.3.\\n2. Close all command prompt windows.3. Install the Sterling F ile Gateway jar file:\\na. Open a command prompt window.\\nb. Run the following command:\\ninstall_dir\\\\bin\\\\InstallService.cmd install_dir\\\\packages\\\\filegateway_2020300\\nConfiguring IBM Sterling File Gateway \\nIn order to configure Sterling File Gateway to be ready to accept connections from the Seller \\nthrough myFileGateway, we need to complete the tasks described in the following sections:\\nConfiguration steps\\nFollow these steps:\\n1. From the menu Participants:\\na. Create community: FINANCIALb. Create partners:\\n\\x81 BUYER\\n\\x81 SELLER\\n2. From the menu Routes:\\na. Create Template: TemplateSellerStatic.\\nb. Create Channel: Creating a channel builds a routing between the producer and the \\nconsumer that use the template created previously.Tip: In this section we are presenting a summary of the installation steps performed to \\ninstall Sterling File Gateway version 2.2.3 for this  specific scenario. However, if you want to \\nreplicate the installation in your own environment, make sure to see the IBM Sterling File \\nGateway Installation Guide at this website, as there are important instructions to follow:\\nhttp://help.sterlingcommerce.com/SFG22/index.jsp Chapter 6. Financial Services scenario 199Figure 6-15 illustrates the parameters us ed for the community configuration.\\nFigure 6-15   Community: FINANCIAL\\n 200 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-16 and Figure 6-17 show the parameters used for the partners setup: BUYER and \\nSELLER.\\nFigure 6-16   Partner: BUYER\\nFigure 6-17   Partner: SELLER\\n Chapter 6. Financial Services scenario 201Figure 6-18 illustrates the parameters  used for creating the template.\\nFigure 6-18   Template: TemplateSellerStatic\\nFigure 6-19 shows the routing channel using the previous template.\\nFigure 6-19   Routing Channel\\n6.4.3  Installing and configuring the IBM Sterling Connect Direct\\nThis section describes th e installation and the configuration of IBM Sterling Connect:Direct at \\nthe Bank company. It is required to allow the Buyer company to send the Payment to the Bank company using IBM Sterling Connect:Direct and also to allow the Bank company to send \\npayment acknowledgement to the Seller company.\\nInstructions:  In this section we are presenting a summary of the installation steps \\nperformed to install IBM Sterling Connect:Direct version 4.6 for this specific scenario. However, if you want to replicate the installation in your own environment, see the IBM \\nSterling Connect:Direct Installation Guide , as there are important instructions to follow:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/Windows/CD\\n%20Windows46/CDWindowsGettingStarted.pdf 202 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsInstallation procedure\\nFollow these steps to insta ll IBM Sterling Connect Direct:\\n1. IBM Sterling Connect:Direct needs a database for its process queue and logs. Its \\ninstallation package has MSSQL Express available, but several other databases are supported. The database must be installed prior to IBM Sterling Connect:Direct installation. \\n2. Run the setup.exe from IBM Sterling Connect:Direct product directory: \\nC:\\\\SterlingConnect Direct V5.1.0\\\\Direct V 4.6.00 for Microsoft Windows\\\\CDWin4600\\\\Server and Requester\\\\setup.exe.\\n3. The installation asks for several parameters. Make sure to select a “Custom” installation \\nso that it will be possible to enter a Local No de Name and the IP and port-number that this \\nIBM Sterling Connect:Direct instance will us e. Otherwise, default values are used.\\nConfiguring IBM Sterling Connect:Direct \\nIn order to configure IBM Sterling Connect:Direct to be ready to accept connections from the \\nBuyer and start connections to Seller, the following steps must be completed. \\nConfiguration steps\\nFollow these steps to configure IBM Sterling Connect Direct:\\n1) Logon to the C:D Requester giving the credentials of the user-id used for installing IBM \\nSterling Connect:DIrect.\\n2) Select Netmap .\\n3) Create nodes for companies BUYER and SELLER as shown in Table 6-3.\\nTable 6-3   Nodes for companies BUYER and SELLER\\nConnect:Direct Server Node Name: CDSELLER\\nHost: 99.42.170.226Port: 1364\\nMax Pnode sessions: 5\\nMax Snode sessions: 5Alternate Comm Info:\\nSecure+ Option: disabled\\nCipher Suites: none\\nConnect:Direct Server Node Name: CDBUYERSI\\nHost: 9.42.170.226Port: 1366\\nMax Pnode sessions: 5\\nMax Snode sessions: 5Alternate Comm Info:\\nSecure+ Option: disabled\\nCipher Suites: none Chapter 6. Financial Services scenario 203Figure 6-20 shows the Sterling Connect:Direct Configuration.\\nFigure 6-20   Sterling Connect:Direct Configuration\\n4) Select Proxies .\\n5) Create proxies for the companies BUYER and SELLER as shown in Table 6-4.\\nTable 6-4   Proxies for the companies BUYER and SELLER\\nConnect:Direct Server Node Remote Userid: ANY\\nRemote Node: CDSELLERLocal Userid: cduser\\nLocal Password: *****\\nConnect:Direct Server Node Remote Userid: ANY\\nRemote Node: CDBUYERSILocal Userid: cduser\\nLocal Password: *****\\n 204 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-21 shows the user proxies. Figure 6-22 shows the window for editing user \\nproxies. Figure 6-23 shows Edit Us er Proxies - Directories window.\\nFigure 6-21   User Proxies\\nFigure 6-22   Edit User Proxies - Main\\n Chapter 6. Financial Services scenario 205Figure 6-23   Edit User Proxies - Directories\\n6.4.4  Installing and configuring the IBM Sterling Connect:Direct File Agent\\nUse the steps in this section to install and configure IBM Sterling Connect:Direct File Agent.\\nInstallation procedure\\nFollow these steps:\\n1. Run the FileAgent.exe from IBM Sterling Connect:Direct product directory:\\nC:\\\\SterlingConnect Direct V5.1.0\\\\Direct V 4.6.00 for Microsoft \\nWindows\\\\CDWin4600\\\\Server and Requester\\\\FileAgentInstall.exe.\\n2. The installation asks for the dire ctory where to install File Agent.\\nConfiguring IBM Sterling Connect:Direct File Agent\\nIn this specific scenario, IBM Sterling Connect:Direct File Agent is used to monitor the \\ndirectory where Buyer sends a copy of the XML file, which is an acknowledgement of the payment received by the Bank. File Agent then submits a process to the Bank IBM Sterling Connect:DIrect to forward the XML file to the Seller.\\nConfiguration steps\\nFollow these steps:\\n1. Open the IBM Sterling Connect:Direct File Agent graphical user interface (Figure 6-24).\\n2. Select the File agent  tab and Default_config .\\n3. Click  Edit .\\n4. Type the following information:\\na. The Userid for API. It is the IBM Sterling Connect:Direct user that the File Agent uses \\nto logon to the Bank IBM Sterling Connect:Direct. In this scenario, it should be “cduser.”\\nb. The Password for API. It is the cduser Windows password.\\n 206 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions5. API host DNS name: It is the Bank IBM Sterling Connect:Direct IP: 9.42.170.223\\n6. API port: It is the Bank IBM Sterling Connect:Direct Bank port-number: 1364\\n7. Watched directories: It is the directory where Buyer Sterling B2B Integrator Connect:Direct \\nServer adapter puts acknowledgement XML: c:\\\\CDBANKCOMM\\\\CDBUYERIN\\\\.\\nFigure 6-24   Watched directories\\n8. Create new “Submit process rules,” as shown in Figure 6-25 and Figure 6-26.\\nFigure 6-25   Submit Process Rule\\n Chapter 6. Financial Services scenario 207Figure 6-26   Match criteria\\n9. In this specific scenario, any file arriving at the watched directory whose name ends with \\n.XML must submit a process, as shown in Figure 6-27. \\nFigure 6-27   Edit match criterion\\n10.Example 6-5 shows a sample process to be submitted by File Agent:\\nThe following process refers to “On the Submit Process Rules” window after selecting the \\n“Copy_to_CDSELLER” rule to be edited. Then the Submit Process information for watched file event rule Copy_to_CDSELLER window is shown.\\nThe argument ‘Process name C:\\\\CDBANKCOMM\\\\CP2SELLR.cdp’ contains the location \\nand name of the process to be submitted and the argument ‘Process arguments &fn1=%FA_NOT_PATH.’ contains the variable to be passed to the process. In this example, the process variable &fn1 is replaced by the name of the file to be copied. The process deletes the file copied from the origin directory if the copy operation succeeds.\\n 208 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsExample 6-5   Sample process\\n/*BEGIN_REQUESTER_COMMENTS \\n    $PNODE$=\"CDBANK\" $PNODE_OS$=\"Windows\"     $SNODE$=\"CDSELLER\" $SNODE_OS$=\"Windows\"     $OPTIONS$=\"WDOS\"   END_REQUESTER_COMMENTS*/\\nCP2SELLR PROCESS \\n&fn1=default&fn2=defaultSNODE=CDSELLER\\nCPBS1 COPY \\nFROM (FILE=\"C:\\\\CDBANKCOMM\\\\CDBUYERIN\\\\&fn1\")TO ( FILE=\"C:\\\\CDSELLERCOMM\\\\CDBANKIN\\\\&fn1\" DISP=RPL)\\nIF (CPBS1 EQ 0) THEN\\nRUN TASK PNODE (PGM=Windows)\\nSYSOPTS=\"cmd(DEL) ARGS(C:\\\\CDBANKCOMM\\\\CDBUYERIN\\\\&fn1)\"\\nEIF PEND \\nFor more details on how to configure Sterling File Agent, see the IBM Sterling Connect:Direct \\nFile Agent Conf iguration Guide  at the following website:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/File%20Agent/\\nCD%20FileAgent14/CDFAConfigGuide.pdf\\n6.4.5  Installing and configuring the IBM Sterling Secure Proxy\\nThis section describes the configuration of the IBM Sterling Secure Proxy at the Buyer company. We considered it as required to allow the Seller company to send the invoice to Buyer using myFileGatway in a secure manner through the DMZ. Figure 6-28 depicts this configuration.\\nFigure 6-28   Sterling Secure Proxy at the Buyer company\\n Chapter 6. Financial Services scenario 209In the following installation steps, we assume that you have already installed Sterling Secure \\nProxy 3.4.\\nConfiguring an IBM Sterling Secure Proxy\\nIn this section we describe how to configure an IBM Sterling Secure Proxy.\\nConfiguration steps\\nIn order to configure IBM Sterling Secure Proxy to be ready to accept connections from the Seller through myFileGateway, we need to complete the following steps.\\nCreate an Engine Definition\\nThe engine lives in the DMZ and runs the proxy adapters that manage client communication requests to servers in your trusted zone. To perform this function, the engine receives configuration information from CM (Configuration Manager). Use CM to create an engine definition that contains configuration information for the engine. \\nBefore you configure the engine, gather the information in Table 6-5 that you require to \\nconfigure the engine. After you configure the engine, validate the configuration by ensuring that CM can view the engine.\\nTable 6-5   Engine configurationImportant:  Before installing the product on yo ur environment, if you need more \\ninformation, see the Sterling Secure Proxy 3.4  documentation at this website:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/SSP/SSP.html \\nPay special attention to the “Sys tem Requirements” section and the Installation Guide .\\nCM field Feature/value Value\\nEngine Name Name of the engineEngine Host IP address of the engine\\nEngine Listen Port Port number of the engine 210 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFollow these steps to define an engine. See Figure 6-29.\\nSelect Configuration  from the menu bar.\\n1. Click Actions \\uf0ae New Engine . \\n2. Specify the following values: \\n– Engine Name \\n– Engine Host– Engine Listen Port\\n3. Click Save . \\nFigure 6-29   Engine definition\\nCreate an HTTP Policy\\nThe HTTP Policy defines how you impose controls to authenticate a trading partner (in our \\ncase BUYER company) trying to access the IBM Sterling File Gateway over the public Internet. \\nFollow these steps to define an HTTP Policy. See Figure 6-30.\\n1. Click Configuration  from the menu bar.\\n2. Click Actions \\uf0ae New Policy \\uf0ae HTTP Policy . \\n3. Type a Policy Name.4. Click Save . \\n Chapter 6. Financial Services scenario 211Figure 6-30   Policy Configuration\\nCreate an HTTP Netmap\\nY ou define inbound connection information for your external trading partners and outbound \\nconnection information for the IBM Sterling File Gateway that Sterling Secure Proxy connects to. These values are stored in a netmap. The netmap is associated with a policy and an adapter. \\nBefore you begin this procedure, be sure that you have created a policy to associate with the \\nnetmap.\\nFollow these steps to create a netmap and define inbound and outbound nodes.\\n1. Click Configuration  from the menu bar.\\n2. Click Actions \\uf0ae New Netmap \\uf0ae HTTP Netmap . \\n3. Type a Netmap Name.\\n4. To define an inbound node definition, click the Inbound Nodes tab and click New. \\nSee Figure 6-31.\\n5. Specify the following values: \\n– Inbound Node Name \\n– Peer Address Pattern – Policy \\nTip: If you have not defined a policy, click the green plus sign to define one.\\n6. Click OK. \\n 212 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-31   HTTP Netmap Inbound Node\\n7. To define an outbound node definition, click the Outbound Nodes  tab and click New.  \\nSee Figure 6-32.\\n8. Specify the following values: \\n– Outbound Node Name \\n– Primary Destination Address – Primary Destination Port \\n9. Click OK.\\n10.Click Save .\\n Chapter 6. Financial Services scenario 213Figure 6-32   HTTP Netmap Outbound Node\\nDefine the HTTP adapter used for the connection\\nAn HTTP adapter definition specifies system-level communications information necessary for \\nHTTP connections to and from Sterling Secure Proxy. Y ou can create multiple adapter definitions depending on your need.\\nBefore you begin this procedure, be sure that you have created the following definitions:\\n/SM590000A netmap to associate with the adapter.\\n/SM590000An engine definition to associate with the adapter. See the following website to Install or \\nUpgrade Sterling Secure Proxy on UNIX or Linux or Install or Upgrade Sterling Secure Proxy on Windows for instructions:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/SSP/SSP.html  \\nUse the following steps to define an HTTP adapter. See Figure 6-33.\\n1. Click Configuration  from the menu bar.\\n2. Click Actions \\uf0ae New Adapter \\uf0ae HTTP Reverse Proxy . \\n3. Specify values for the following items: \\n– Adapter Name \\n–L i s t e n  P o r t  – Netmap – Standard Routing Node –E n g i n e  \\n4. Click Save .\\n 214 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-33   HTTP Adapter Configuration\\n6.4.6  Installing and configuring the IBM Sterling Control Center\\nThis section describes the installation and the configuration of IBM Sterling Control Center at \\nthe Buyer company. It is required to allow th e Buyer company to manage IBM Sterling File \\nGateway connections with Seller and also to manage IBM Sterling Connect:Direct connections with the Bank.\\nInstallation procedure\\nFollow these steps to install IBM Sterling Control Center.\\n1. IBM Sterling Control Center needs a database to hold its configuration, the alerts that it \\ngenerates, and the logs collected from managed IBM Sterling B2B Integrator and IBM Sterling Connect:Direct. Several databases are supported. The database must be installed and schemas defined prior to IBM Sterling Control Center installation. \\n2. Run the CCinstall.exe  from IBM Sterling Control Center product directory: \\nC:\\\\IBM Sterling Control Center\\\\IBM Sterling Control Center V 5.3.00 for Windows, English (CZZ2KEN)\\\\CZZ2KEN\\\\Windows.  \\nTip: In this section, we are presenting a summary of the installation steps performed to \\ninstall IBM Sterling Control Center version 5.3 for this specific scenario. However, if you \\nwant to replicate the installation in your own environment, make sure to see the IBM \\nSterling Control Center Getting Started Guide , as there are important instructions to follow:\\nhttp://www.sterlingcommerce.com/documentation/SCC53/PDF/GettingStarted.pdf Chapter 6. Financial Services scenario 215See the IBM Sterling Control Center Getting Started Guide for an explanation of the \\nrequired installation parameters:\\nhttp://www.sterlingcommerce.com/documentation/SCC53/PDF/GettingStarted.pdf\\nConfiguring IBM Sterling Control Center\\nIn this specific scenario, IBM Sterling Control Center is used to monitor the sending of the \\npayment message from Buyer to Bank and the XML acknowledgement from Bank to Seller. \\nConfiguration steps\\nFollow these steps:\\n1. Open the IBM Sterling Control Center graphical user interface. See Figure 6-34.\\n2. Select Manage \\uf0ae Add Server  to define Bank and Seller IBM Sterling Connect:Direct.\\nFigure 6-34   Sterling Control Center configuration\\n 216 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-35 shows the server properties.\\nFigure 6-35   Server Properties\\n3. Select Manage \\uf0ae Rules and Actions \\uf0ae Rules  to define the rules to monitor Bank and \\nSeller transmissions. See Figure 6-36.\\n Chapter 6. Financial Services scenario 217Figure 6-36   Rules to monitor Bank and Seller transmissions\\nFigure 6-37 shows the rule properties.\\nFigure 6-37   Rule Properties \\n 218 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions4. Select Monitor \\uf0ae Alerts  to see new alerts generated by IBM Sterling Control Center. See \\nFigure 6-38.\\nFigure 6-38   Active Alert Monitor\\n Chapter 6. Financial Services scenario 219Figure 6-39 shows the alert properties.\\nFigure 6-39   Alert Properties\\n5. Select Monitor \\uf0ae Handled Alerts to see alerts previously checked by someone.\\n6. Select Queued Process Activity  to see IBM Sterling Connect:Direct processes on the \\nqueue, These are processes running or waiting to run (Figure 6-40).\\n 220 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-40   Queued Process Activity Monitor\\n7. Select Completed Process Activity to see IBM Sterling Connect:Direct process statistics \\n(Figure 6-41). \\nFigure 6-41   Completed Process Activity\\nAlso see the IBM Sterling Control Center Configuration Management Guide at this website:\\nhttp://www.sterlingcommerce.com/documentation/SCC53/PDF/ConfigMgmt.pdf\\n Chapter 6. Financial Services scenario 221Configuring Sterling Control Cent er for Sterling B2B Integrator\\nAlthough not used in this specific scenario, it is also possible to use Sterling Control Center to \\nmonitor a Sterling B2B Integrator instance. This section presents the configuration steps that you need to make if you want to test this additional feature. \\nConfiguration steps for IBM Sterling Control Center\\nFollow these steps:\\n1. Open the IBM Sterling Control Center graphical user interface. See Figure 6-42.\\n2. Select Manage \\uf0ae Add Serve r to define Buyer IBM Sterling B2B Integrator. \\nFigure 6-42   Adding Sterling B2B In tegrator to Sterling Control Center\\n 222 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-43 shows the Connection window.\\nFigure 6-43   Connection\\nThe “Web Service Address” and “Web Service Port” parameters that you need here are \\ndefined in the section named “Configurations steps for IBM Sterling B2B Integrator” on page 228.\\n Chapter 6. Financial Services scenario 223Figure 6-44 shows the Select Protocols window.\\nFigure 6-44   Select protocols\\nTip: Y ou can find detailed information about how to configure IBM Sterling Control Center \\nat the following website:\\nhttp://www.sterlingcommerce.com/documentation/SCC53/PDF/GettingStarted.pdf\\n 224 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions3. Select Manage \\uf0ae Rules and Actions \\uf0ae Rules  to define the rules to monitor Buyer IBM \\nSterling B2B Integrator. In this example we show a rule to generate an alert whenever an IBM Sterling B2B Integrator adapter is disabled. See Figure 6-45.\\nFigure 6-45   Rule list\\n Chapter 6. Financial Services scenario 225Figure 6-46 shows the Rule Properties window.\\nFigure 6-46   Rule Properties: General\\n 226 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-47 shows the parameters of the rule properties.\\nFigure 6-47   Rule Properties: Parameters\\n4. Select Monitor \\uf0ae Active Alerts  to see the alerts that have been generated by IBM \\nSterling Control Center which have not yet being processed by any operator. \\nFigure 6-48 and Figure 6-49 show the list of Active Alerts at some moment. If you click a \\nspecific alert, another window is o pened showing its detailed information.\\n Chapter 6. Financial Services scenario 227Figure 6-48   Active Alerts Monitor\\nFigure 6-49   Alert Properties\\nTip: Detailed information about how to create IBM Sterling Control Center Rules is \\navailable on the IBM Sterling Control Center - How-To Guide  at this website:\\nhttp://www.sterlingcommerce.com/documentation/SCC53/PDF/HowTo.pdf\\n 228 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsConfigurations steps for IBM Sterling B2B Integrator\\nThe detailed description of the steps necessary to configure Web Services to allow IBM \\nSterling Control Center to manage IBM Sterling B2B Integrator can be found in this manual (see the following website): \\nIBM Sterling B2B Integrator - Monitoring with Sterling Control Center  in the paragraph, \\n“Enable Sterling Integrator for Monitoring by Sterling Control Center.”\\nhttp://help.sterlingcommerce.com/SB2BI52/topic/com.ic.customization.doc/SI_52_PDF/\\nSI52_SCC.pdf\\nAdditional information about Web Services can be found in this manual (see the following \\nwebsite): \\nIBM Sterling B2B Integrator - Web Services\\nhttp://help.sterlingcommerce.com/SB2BI52/topic/com.ic.customization.doc/SI_52_PDF/\\nSI52_WebServices.pdf\\nFigure 6-50 shows the parameters used on this specific scenario. \\nFigure 6-50   Web Service Settings\\n Chapter 6. Financial Services scenario 229This information can be obtained by navigating on the IBM Sterling B2B Integrator dashboard \\n(Figure 6-51) to Deployment \\uf0ae Web Services \\uf0ae Manage  and typing  SCCInteropService \\nin the Search box, and clicking Go. Then click the SCCInteropService  link.\\nFigure 6-51   Web Services Manager\\nWeb Service Address and Web Service Port\\nFigure 6-52 shows the IP address and port number that SCCInteropService is listening to; \\nthese parameters are necessary for configuring IBM Sterling Control Center. To obtain this information, click the View WSDL  link as shown in Figure 6-51. \\n 230 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-52   View WSDL\\n6.4.7  Installing and configuring the IB M WebSphere Transformation Extender \\nDesign Studio\\nAs stated in the introduction to this book, it is assumed that any WebSphere Transformation \\nExtender component that is needed has already been installed. For any scenario using WebSphere Transformation Extender, the Design Studio must be installed on a development platform in order to create the maps needed for translation. In this scenario, WebSphere Transformation Extender for Integration Servers has also been installed on the development platform, as well as on the server that will host the Sterling B2B Integrator. Because the \\ninbound message used for this scenario is of custom format, no industry packs are needed for this scenario. \\nSetting up the Design Studio\\nDetails for setting up the Design Studio to integrate and deploy maps to Sterling B2B Integrator are discussed in detail in Chapter 4, “Routing and transforming messages” on page 69 of this book. Here we discuss the map used to translate the inbound message to the desired format for this scenario.\\nTranslating the message with W ebSphere Transformation Extender\\nFor this scenario, a single translation maps is needed to transform the incoming custom \\npayment message into canonical form. For this scenario, no further translation is needed as the canonical form chosen is also the format  used by the partner to whom the message is \\nsent. Transforming the canonical message to a target format is discussed in “Step 6: Configure WebSphere Transformation Extender” on page 145.\\n Chapter 6. Financial Services scenario 231The inbound message is described in Example 6-6.\\nExample 6-6   Inbound message format\\nThe payments message contains information for 1 to many checks.\\nA check is represented by a fixed length row of 141 byes terminated by CR/LF . The \\ncomposition of check data is described in Table 6-6.\\nTable 6-6   Inbound payment message format\\nUsing the type designer from the WebSphere Transformation Extender Design Studio, we create a custom type tree that follows the format described above. Figure 6-53 shows the type tree definition.\\nFigure 6-53   Type tree for inbound payment messageFIELD POSITION SIZE TYPE COMMENT\\nABA Route Number 00 9 INTEGER Right Justify Zero Fill\\nFrom Account Number 09 15 INTEGER Right Justify Zero FillCheck Number 24 4 INTEGER Right Justify Zero Fill\\nPayment Amount 28 10 DECIMAL(10,2) Right Justify Zero Fill \\nDecimal separator “.”\\nCheck Date 38 8 DATE MMDDCCYY\\nTo Account Number 46 15 INTEGER Right Justify Zero FillDescription/Memo 61 80 CHARACTER Left Justify Space Fill\\n 232 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsThe target format for the map is defined using an xml schema definition. The content of the \\nschema is shown in Example 6-7.\\nExample 6-7   Payment target schema\\n<?xml version=\"1.0\" encoding=\"utf-8\"?><xs:schema xmlns:xs=\"http://www.w3.org/2001/XMLSchema\">  <xs:element name=\"ChkFile\">    <xs:complexType>      <xs:sequence>        <xs:element maxOccurs=\"unbounded\" name=\"Checks\">          <xs:complexType>            <xs:sequence>              <xs:element name=\"ABANum\" type=\"xs:integer\" />              <xs:element name=\"FromAcctNum\" type=\"xs:integer\" />              <xs:element name=\"ChkNum\" type=\"xs:integer\" />              <xs:element name=\"ChkAmt\" type=\"ChkAmt_Type\" />              <xs:element name=\"ChkDate\" type=\"xs:dateTime\" />              <xs:element name=\"ToAcctNum\" type=\"xs:integer\" />              <xs:element name=\"Description80\" type=\"Description80_Type\" />            </xs:sequence>          </xs:complexType>        </xs:element>      </xs:sequence>    </xs:complexType>  </xs:element>  <xs:simpleType name=\"ChkAmt_Type\">    <xs:restriction base=\"xs:decimal\">      <xs:totalDigits value=\"10\" />    </xs:restriction>  </xs:simpleType>  <xs:simpleType name=\"Description80_Type\">    <xs:restriction base=\"xs:string\">      <xs:maxLength value=\"80\" />    </xs:restriction>  </xs:simpleType></xs:schema>\\nUsing the map designer from the WebSphere Transformation Extender Design Studio, we \\ndefine the input card using the type tree described by Figure 6-53 on page 231.\\nThe output card using the xml schema is shown here in Example 6-7. Chapter 6. Financial Services scenario 233Figure 6-54 shows the input card definition.\\nFigure 6-54   Input card definition\\n 234 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-55 shows the output card definition.\\nFigure 6-55   Output card definition\\n Chapter 6. Financial Services scenario 235The map shown in Figure 6-56 loops through each payment record in the input and \\ntransforms it into an xml payment record.\\nFigure 6-56   Payments translation map\\nAfter the map is created and built, it is tested on, and deployed to the Sterling B2B Integrator as described in Chapter 4, “Routing and transforming messages” on page 69 of this book.\\n6.4.8  Installing and configuring the IB M WebSphere Transformation Extender \\nfor Integration Servers\\nThis topic has been covered earlier in this book. For details, see Chapter 4, “Routing and \\ntransforming messages” on page 69.\\n6.5  Testing the scenario\\nIn this section, we provide a breakdown of the actions required to test the scenario. \\nAs described in 6.3, “Presenting the Financial Services scenario” on page 181, the data flow \\nstarts with a manual intervention; indeed, the process starts when the Seller uploads an invoice file to the Buyer. The f ile is routed to the Seller mailbox in the St erling B2B Integrator \\nsystem at the Buyer, subsequently the entire process is automated in the Seller Sterling B2B Integrator and also at the Bank because the F ile Agent in the Bank Connect:Direct monitors \\nthe inbound directory and, as soon a file arrives to that directory, Sterling File Agent sends a file to the Seller as an acknowledgement of the payment received. \\n 236 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsIn order to upload the file using myFileGateway, the Seller must know the login and password, \\nas shown in Figure 6-57.\\nFigure 6-57   IBM Sterling File Gateway\\nThe next steps are completely automated: when the file comes in the mailbox /BUYER/Inbox at the Buyer, a Routing Rule set up for this purpose kicks off the appropriate Business Process for further processing.\\n Chapter 6. Financial Services scenario 237We implemented the Routing Rules shown in Figure 6-58.\\nFigure 6-58   Routing rules\\nWith these Routing Rules, you can test the corresponding Business Processes \\nindependently, as each Routing Rule monitors the /BUYER/Inbox mailbox and then starts the corresponding Business Process: \\n/SM590000The Routing Rule RRFinanc ialScenarioBPWTXVersion calls the Business Process \\nFinancialScenarioBPWTXVersion from Example 6-1 on page 190 which implements the base Financial Scenario.\\n/SM590000The Routing Rule RRFinancialScenarioBPTranS ervVersion calls the Business Process \\nFinancialScenarioBPTranServVersion from Example 6-2 on page 192 which implements the base Financial Scenario but with the Translation service in place of the WTX Map service.\\n/SM590000The Routing Rule RRFinanc ialScenarioBPWTXInvokeExtension calls the Business \\nProcess FinancialScenarioBPWTXInvokeExtens ion from Example 6-3 on page 194 which \\nimplements the Extended Scenario described in section 6.6, “Extended scenario” on page 238.\\nDepending on which scenario you want to test, you can enable the corresponding Routing \\nRule according to the above schema. \\nAny test ends when a copy of the XML file is routed by the bank Connect:Direct process by \\nFile Agent to the seller inbox di rectory C:\\\\CDSELLERCOMM\\\\CDBANKIN\\\\.\\n 238 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions6.6  Extended scenario\\nAs an extension to the scenario, we consider the buyer’s partner integration systems to \\nconnecting to his backend systems using the ow n internal integration layer, which is an \\nenterprise service bus as discussed in 6.3.1, “Alternate scenarios”. The extension is depicted in Figure 6-59. \\n6.6.1  Business value\\nThe extension provides additional business va lue by seamlessly inte grating the external \\npartner connections to backend systems in the own enterprise of the buyer, by using WebSphere MQ messaging in a chain of transaction-safe operations. The particular value of the enterprise service bus is not only in allo wing this single sample connection, but in \\nsupplying a unique, normalized mean for all the connectivity needs of the enterprise. It reduces the complexity and maintenance cost compared to using a different transport. See Figure 6-59 for a description of this scenario.\\nFigure 6-59   Extended Scenario with enterprise service bus connection\\n6.6.2  Additional prerequisites\\nThe connect to the enterprise  service bus requires additional software and skills.\\nSoftware prerequisites\\nIn addition to the software mentioned in 6.2.1, “Software prerequisites”, you need WebSphere \\nMQ and Message Broker software. \\nSkills prerequisites\\nIn addition to the skills me ntioned in 6.2.2, “Skills pr erequisites”, you need some \\nadministration and development skill regard ing WebSphere MQ and WebSphere Message \\nBroker. General knowledge of messaging in the staff that deals with Sterling B2B Integrator is advantageous. \\n Chapter 6. Financial Services scenario 2396.6.3  Overview of the extension scenario\\nThe overview picture of Figure 6-59 on page 238 shows the scenario connected by IBM \\nWebSphere MQ through the enterprise service bus to the legacy backend resources, right end. The regular message flow is from left to right:\\n1. Sterling B2B Integrator opens a connection to WebSphere MQ queue manager and puts \\n(writes) a message to the IN queue.\\n2. The WebSphere MQ queue manager on B2B02 transfers the message to the queue \\nmanager on host ESB01. \\n3. The IBM Message Broker flow deployed for this scenario gets (reads) the message from \\nthe local IN queue. A WebSphere Translation Extender map designed for that purpose transforms the message to the backend format. Depending on the account number the responsible branch is chosen: content based routing and routing. \\nIn detail, the setup uses two WebSphere MQ queue managers, five application queues and \\nthree channel definitions, as shown in Figure 6-60. These are the WebSphere MQ objects which are directly relevant for the applications and their configuration. \\nFigure 6-60   Applications, queue managers and queues\\nThere are some other configuration steps related to the basic set-up of the messaging and enterprise service bus infrastructure, which belong to the realm of the messaging network administration:\\n/SM590000Create queue managers.\\n/SM590000Create a server connection channel.\\n/SM590000Create a WebSphere MQ queue manager cluster.\\n/SM590000Connect the queue managers in the cluster so that they can write to queues defined on \\nother queue managers without additional administration tasks.\\n/SM590000Create and setup brokers.\\nThe messaging network must be operated as an application neutral infrastructure: for \\nexample, a TCP network. It means that the objects created to set up basic infrastructure can also be used by other applications, if there are no technical reasons against it. <<node>> b2b02 <<node>> esb01 <<node>> branch1\\n<<node>> branch2\\n<<qmgr>> B2B02<<qmgr>> ESB01A\\nAlias \\nQueue\\nIN\\nLocal \\nQueue\\nBACKOUT\\n<<app>> sb2biPUT\\nC\\nClustered \\nQueue\\nIN<<ref>><<Ref as backout queue>>\\n<<broker>> esb01Local Queue\\nBRANCH1.IN\\nGET<<app>> legacyA\\n<<app>> legacyBGET\\nLocal Queue\\nBRANCH2.IN\\nGET\\n<<mflow>> MF.name<<mflow>> MF.name\\n<<mflow>> MF.namePUT\\nPUT\\nGETFINANCE.B2B02.SBI\\nFINANCE.BRANCH2.ESB01 240 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions6.6.4  Alternate configurations \\nIn this section, we discuss some different choices and configurations, in particular, in the \\nWebSphere MQ topology:\\n/SM590000Use of WebSphere MQ distributed queueing instead of clustering\\n/SM590000Remote WebSphere MQ queue manager\\n/SM590000Remote WebSphere Transformation Extenders\\n/SM590000Choosing different ESB technology\\n6.6.5  Configuring the extended scenario\\nTo set up the extension scenario, we need to configure Sterling B2B Integrator to send \\nmessages to WebSphere MQ, and the WebSphere MQ queue managers, the broker and the WebSphere TX extension to deal with these messages.\\nConfiguring Sterling B2B Integrator\\nMost of the connection from Sterling B2B Integrator to the WebSphere MQ queue manager is configured in Sterling B2B integrator. See the description in “Configuring IBM Sterling B2B Integrator” on page 187. Figure 6-61 shows the business process used to write a message to the WebSphere MQ queue manager.\\nFigure 6-61   Sterling B2B Integrator business process accessing WebSphere MQ\\nConfiguring WebSphere MQ\\nWe assume that WebSphere MQ is already installed on your system. We give a short introduction to the use of WebSphere MQ and comment on some configuration parameters in the following sections. Because WebSphere MQ is a very large system, we recommend that new users study the IBM manuals and Redbooks publications to gain more insight.\\nTo administrate a local WebSphere MQ installation on Windows or Linux, you can use the \\nWebSphere MQ Explorer, call it from the Windows start menu or the command strmqcfg .\\nCreating queue managers \\nTo create a local queue manager, you can use a wizard in the WebSphere MQ Explorer. For a \\nvery basic configuration, not more than the name of the queue manager is needed. Nevertheless, we discuss some hints about configuration collected in the two wizard pages shown in Figure 6-62 and following. \\nChoose a convenient, comprehensive and short queue manager name. We recommend to \\nuse a name with a maximum of 8 characters and to use upper case only. Upper case is in general a good choice for MQ object names. Y ou can use the hostname if you want to see WebSphere MQ as network infrastructure, or a functional name, that allows moving queue managers.\\n Chapter 6. Financial Services scenario 241Y ou can make your new queue manager the default queue manager on the system, which for \\nconvenience can be called without naming it explicitly, though we do not recommend, because the shortcut can be misleading. \\nA default transmission queue is not required for the topologies used in this book. Default \\ntransmission queues are a mean to implement default routes from peripheral queue managers to a central queue manager in hub and spoke topologies. \\nWe propose to set up the queue manager with a dead letter queue where messages go that \\ncannot be delivered. We use the predefined  queue SYSTEM.DEAD.LETTER.QUEUE as \\ndead letter queue for the queue manager. If you choose a different name, be sure to define the queue. If you do not declare and define a dead letter queue, the queue manager closes any connection that tries to send an undeliverable message. This can be good in certain particular scenarios, in most of the cases it would just stop the operation without good reason. In most cases the SYSTEM .DEAD.LETTER.QUEUE can be used. \\nThe numerical values for the maximum handle limit, the maximal count of uncommitted \\nmessages and the trigger interval should be unchanged unless your application requires. Y ou can change these values when needed. See Figure 6-62.\\nFigure 6-62   Queue manager creation by wizard, first page\\n 242 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsThe second page of the wizard, shown in Figure 6-63, requests important settings for \\ntransaction logging and storage. \\nTransaction logging does not mean error reporting, as in a logfile. In this context, something \\nvery alike the redo logs of a database is meant. Productive queue managers should be operated in linear logging mode to allow media recovery. In this case, the transaction logs are kept to help as message backup in case of queue corruption, which can for instance be caused by a failing disk. Development and test queue managers should use circular logging, \\nwhich requires less administration tasks then linear logging. \\nIf you use internal disks, for performance reasons the data and log paths should be located \\non different physical disks. The physical media location is not that relevant if you use SAN storage which is written through a battery buffered cache, though data and log should also then use different sets of physical disk s, in this case for safety reasons.\\nThe capacity of the log you need to provide depends on the volume of data you want to queue \\nand move through the queue manager. \\nThe volume of data relevant for this calculation are the messages in open transactions at one \\ntime. While exact calculations can become quite difficult, a rule of thumb is to take the payload and add 300 byte for message header and another 300 byte logspace for any get or put operation. \\nThe log capacity is (calculated primary logs + secondary logs) * (logfilepages * 4 KB). \\nPrimary log space is created at queue manager start, secondary space when needed. \\nChanges of the numbers become effective after queue manager restart, you can adapt this value easily to growing needs. An attribute you ha ve to consider carefully is the “logfile size” \\n(queue manager attribute LogFilePages), because you cannot change it during the queue manager lifecycle. If you choose a value that proves to be too small, you could only increase it by recycling the whole queue manager: a change that  is critical for production environments. \\nOn the third and forth wizard page, you can keep the defaults, unless you have to change the \\ndefault port 1414 because there is already another queue manager on your system. In this case you can just use 1415 or any other free port.  Chapter 6. Financial Services scenario 243Figure 6-63   Queue manager creation wizard, second page \\nAfter you have created the queue manager, install the WebSphere MQ SupportPac MS03 to \\nsave the queue managers definitions frequently. SupportPacs are extensions, that are available from the IBM website free of charge. Many of them are supported like the product. \\nThe save queue manager SupportPac is essential to keep track of changes in the queue \\nmanager. It saves queue and other definitions, but not the messages in the queues. \\nConnecting applications to the queue manager\\nAfter you have created your queue mangers, you provide connectivity to the applications entitled to use it. We demonstrate connecting applications to the queue manager through TCP/IP . Y ou create a WebSphere MQ \\nserver connection channel  object to allow it, as shown \\nin Figure 6-64. Tip: Download the free WebSphere MQ SupportPac MS03 to save queue manager \\ndefinitions from the following website and run it frequently:\\nhttp://www-01.ibm.com/support/docview.wss?uid=swg24000673\\n 244 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-64   Creating a server connec tion channel from WebSphere MQ Explorer\\nLike all WebSphere MQ channel definitions, th e server connection c hannel is basically a \\nname to define a certain access to the queue manager. The connecting party, like the application, connects to the listener port of the queue manager and passes the name of the channel it wants to connect to. Both, application and queue manager have to use matching channel names. Y ou can see the same pattern again in cluster channels and distributed queueing channels, described in section. \\nBecause a B2B gateway is a security sensitive place, in particular, we need to think about \\nsecuring the channel against unauthorized use. We make these distinctions: \\n/SM590000Authentication: Identifying who is trying to access the queue manager:\\n– By IP \\n– By SSL – By username/password combination– By a token from a security service\\n/SM590000Authorization: Determining what the identified party can do:\\n– To connect, and access message in specified queues:\\n\\x81T o  \\nbrowse  (read) or get (read consuming) the message\\n\\x81T o  put (write) a new message\\n– Or even to change the configuration and access rights\\nBy default, WebSphere MQ believes in the user names that remote systems present when \\nconnecting. Therefore, it is crucial for the security of a WebSphere MQ queue manager network to limit access to the MQ System objects. Otherwise unauthorized parties could pretend to be MQ administrat or. The means to secure a new channel is to fill the \\nmcauser  \\nattribute of the channel; the queue manager r eplaces the user names of incoming messages \\npresented by the sending system with the mcauser  value. The parameters inserted in the \\nserver connection channel wizard are listed in Figure 6-65.\\nFigure 6-65   Parameters for the creation of a server connection channelNAME: B2B.FINANCE.SBIcomment (“DESCR”): Chl for B2B Integrator for Financetransmission Protocol (“TRPTYPE”): TCPcopy from existing channel (“LIKE”): SYSTEM.DEF.SVRCONNtechnical user (“MCAUSER”): sbiuser\\n Chapter 6. Financial Services scenario 245Before you can use the channel, you have to add the declared mcauser  as a system user \\n(windows) or group name (unix) and authorize it in WebSphere MQ’s object authorization manager. It is depicted for a Windows operating system in Figure 6-66. Y ou can access the object authorization manager from the WebSphere MQ Explorer, as shown in Figure 6-67, or create the access rights  with the utility command setmqaut  from the command line. We first \\ngrant the user a basic read-only access, and add the “put” and “get” authorities needed to write to and read from specific queues later. \\nFigure 6-66   The technical mcauser mu st be created on operating system level\\nFigure 6-67   Grant basic read only access to a technical user \\n 246 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsAs an alternative, a fast and convenient way to attach only local applications to a queue \\nmanager hosted on the same node is the binding mode. The dialog is shown in Figure 6-68.\\nFigure 6-68   Grant put and inquire access\\n Chapter 6. Financial Services scenario 247Connecting queue managers in a cluster\\nAfter creating queue managers, you want to connect the queue managers so that they can \\nexchange messages. We demonstrate in the following connecting queue managers through a WebSphere MQ queue manager cluster, which organizes the distribution of messages in the cluster with low administration overhead, and is capable of load balancing. \\nWithin a WebSphere MQ queue manager cluster,  applications can write to queues that are \\nhosted on remote queue managers, not only to the queue manager they are directly connecting. \\nTo define a queue manager cluster, as Cluster ITSO shown in Figure 6-69, we define two \\nqueue managers as the full repositories of th e cluster. For all cluster members two cluster \\nchannels are defined, a cluster receiver channel to itself (like TO.B2B02) and a cluster sender channel object to one of the repositories (like TO.ESB01). A cluster repository queue manager itself will have a sender  channel to the othe r repository. The clus ter receiver channel \\ndefinitions serve as templates used by all queue managers in the cluster to auto-define sender channels to that queue manager. \\nQueue manager clustering is a powerful and versatile technology. Y ou can define multiple \\nclusters for differentiated types of use, for example, with different service levels:\\n/SM590000Unencrypted or encrypted channels\\n/SM590000Fastpath or slow transport of large messages during low traffic times\\nY ou could (and in large organizations, should)  use clusters overlapping in a gateway to \\nseparate zones. \\nThe WebSphere MQ queue manager cluster is completely different than physical clustering \\non the hardware level, which is often used to secure a single queue manager with services like IBM AIX PowerHA (former HACMP) or comparable products of other sources. Queue manager cluster and physical cluster are complimentary concepts that fit together well; queue manager clusters scale the performance up, while physical cluster tales care of fail over safety, the second now often replaced by multi instance queue manager. \\nThere is an alternative configuration called MQ distributed queuing. While clustering is a \\nfeature-rich, easy to use, and mature technology, distributed queueing is the basic way of \\nconnecting queue managers, as shown in Figure 6-69. We discuss the principles of \\ndistributed queuing in “Use of distributed queueing connections” on page 250. 248 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-69   Queue manager cluste r configuration for cluster ITSO\\nConfigure queues \\nWebSphere MQ organizes the actual store and forward of messages in queues. Some of the \\ncategories of queues are explained here: \\n/SM590000A local queue is the basic type of queue. It is the only one that stores messages \\nphysically, and the only type an application can read from.\\n/SM590000An alias queue is a facade to a queue. Alias queues can carry specific access rights to \\ndiscriminate read and right access, and can help to implement different naming concepts both suitable for network administration and application operation at the same time. \\n/SM590000A \\ncluster queue is a queue that is writable from all queue managers of a cluster. If there \\nare two ore more instances of a cluster queue (queues with same name) available in the same cluster, the senders distribute messages among them for load balancing. \\n/SM590000There is also the \\nremote queue , which is a specific form of alias queue that points to a \\nforeign queue manager. It is writable only. It is a concept of distributed queueing, the other form of cooperation between queue managers when you don’t use clustering. It is accompanied by a \\ntransmission queue,  local queues that serve as temporary store for \\nmessages before they are shipped to the target queue manager. <<node>> b2b02<<node>> esb01\\n<<qmgr>> B2B02<<qmgr>> ESB01\\n<<broker>> esb01\\n<<node>> esb02\\n<<qmgr>> ESB02\\n<<broker>> esb02<<clus>> ITSO\\nFull \\nRepository \\nITSOFull \\nRepository \\nITSO\\nTO.ESB02TO.B2B02\\nTO.ESB02TO.ESB01\\nTO.ESB02\\nTO.ESB01\\nLocal Queue\\nDEAD.LETTER Chapter 6. Financial Services scenario 249As shown in Figure 6-70, we create an alias queue on queue manager B2B02 as direct target \\nfor Sterling B2B Integrator. This alias points to a cluster queue that is located on queue manager ESB01. The cluster mechanism forwards the messages from queue manager B2B02 to the local queue on queue manager ESB01, where the middleware processing happens in a WebSphere Message Broker flow. We discuss that very soon in detail. At the moment we want to point out the possibility of  load balancing at that place. \\nIf the load increases and requires more processing power than the physical node ESB01 can \\nsupply, you can scale up and load balance to other esb-nodes by just creating another local queue of the same name on queue manager ESB02 and deploying the same message flows there, too. \\nThe second queue, the B2B gateway queue manager, is a local queue that serves an error \\nand backout queue for the scenario. If the middleware cannot process messages, for instance, because they are malformed, it bounc es such indigestible (“poisoned”) messages \\nback to the origin, because we do not want the esb queue managers to be clogged, and because the root cause of the error is easier to determine closer to the origin of the erroneous \\nmessage. \\nLast, we define two local queues for the output to the legacy systems. We do not spell this \\nout, but the messages could also be forwarded to other nodes. Everything is possible from client connection (as we demonstrate), cluster queue and distributed queueing. \\nFigure 6-70   Queue topology with full queue names \\nThroughout the whole train, we need to consider the message size and the maximal queue depth, that is the number of messages stored in the queue manager: \\n/SM590000Maximal message size is an attribute of queue manager, queues, and channels. We need \\nto adjust the values in all of them if we want to work with larger messages. It is also good practice to separate the paths of fast and heavy messages.\\n/SM590000The maximal queue depth (MAXDEPTH) is the number of messages a queue can store. It \\ndetermines how long the queue manager can buffer for a dysfunctional subsequent system, for instance in planned or unplanned maintenance breaks. \\nOur declared objective is to be work without interruption, or at least without letting our B2B \\npartners know when the processing is interrupted. So we want to supply so much room in the queue that messages can queue as long as wanted and needed to bridge the maintenance window. <<node>> b2b02 <<node>> esb01\\n<<qmgr>> B2B02 <<qmgr>> ESB01A\\nAlias Queue\\nFINANCE.B2B.ESB.REQUEST.IN\\nLocal Queue\\nFINANCE.B2B.ESB.REQUEST.BACKOUTC\\nClustered Queue\\nFINANCE.ESB.REQUEST.IN<<ref>>\\nLocal Queue\\nFINANCE.ESB.REQUEST.BRANCH1\\nLocal Queue\\nFINANCE.ESB.REQUEST.BRANCH2\\n<<ref>> 250 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsUse of distribu ted queueing connections\\nDistributed queueing is the basic approach to connect WebSphere MQ queue managers. It \\ntakes some more manual configuration steps than clustering, and offers less functionality, in particular no load balancing. After being configured, the distributing queueing setup is easy to maintain and simple to understand. Most important, because of simplicity, distributed queueing is very suited for the use in external partner communication and in perimeter zones. \\nWe do not spell out the whole scenario above as an alternative to clustering, but explain the \\nuse of distributed queueing with a realistic sample that shows how our security gateway queue manager B2B01 can be connected to the queue manager B2B02.\\nTo allow messages to be put on a queue on a remote queue manager, we need to create at \\nleast on the near (sender) queue manager, B2B01: \\n1. A \\nremote queue  definition: FINANCE.B2B01.B2B02.IN\\n2. A transmission queue  definition: B2B02\\n3. A sender channel definition: B2B01.B2B02\\nAnd on the remote (receiver) queue manager, B2B02:\\n4. A matching receiver channel definition: B2B01.B2B02\\n5. The queue which is target of the transfer. This queue can be local, alias, remote, or cluster \\nqueue. \\nFor use in a security sensitive zone, you can use a server and requester channel pair instead \\nof sender and receiver. The message flow with server and requester is like in sender and receiver from letter “s” to letter “r”, but the connection is not initiated by the sending party, but by the (receiving) requester. It is most suitable in situations where a queue manager in the DMZ needs to transfer messages to a queue manager in the trusted zone. \\nIt defines a one way route from sender B2B02 to receiver qu eue manager ESB01. If you also \\nwant to send messages the way back, you need to create corresponding definitions. \\nThe connection between queue managers is done by sender and receiver channels. Like all \\nWebSphere MQ channels, the definitions must match by name. We propose to define the \\nchannel names like this:\\n<SENDER_QM>.<RECEIVER_QM>[.<XX>] \\nChannel names are limited to 20 characters. Remember that we recommended to keep \\nqueue manager names shorter than nine characters, although MQ allows queue manager names to be longer. It was because of this channel  naming pattern, which is a kind of de facto \\nstandard in the WebSphere MQ world. The two characters qualifier space can be used to give a counter or qualifiers signaling things like encryption or compression.\\nConfiguring WebSphere Message Broker\\nWebSphere Message Broker is a routing and transformation application working on top of WebSphere MQ. While WebSphere MQ is the messaging backbone of an enterprise service bus, WebSphere Messages Broker provides co nnectivity to other protocols and standards \\nand a number of custom translation capabilities. \\nIn our sample scenario, WebSphere Message Broker has the task to mediate between the \\nB2B gateway and two different legacy backend applications. The backends use different data formats and have slightly different responsibilities. The ESB, say WebSphere Message Broker is responsible to deal with the particularities of these backends because we decided for architectural reasons that the B2B gateway must not deal with details of backend implementations: one of the simple truths of service oriented architecture.  Chapter 6. Financial Services scenario 251Figure 6-71 shows the Message Broker Toolkit.\\nFigure 6-71   Message Broker Toolkit overview\\nY ou can think of the WebSphere Message Broker as a platform or application server. The \\napplications are developed and packaged in a specific eclipse based build time environment called Message Broker Toolkit. Deployment is al so done from this tool or from the Message \\nBroker Explorer, a plug-in into the WebSphere MQ Explorer suitable for Broker administrators. The applications are deployed to the broker runtime component. Y ou can separate the runtime, and also scale up to the limit of the physical OS, by using several execution groups for different applications. \\n 252 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsMessage broker flow development\\nA message broker flow basically needs input and output nodes at least. In our scenario case, \\nboth source and target are WebSphere MQ queues. As shown in Figure 6-72, the flow consists of six nodes.\\nFigure 6-72   The message flow\\nThese six nodes are as follows:\\n1. The input node specifies the queue where messages come from and the parser used to \\ninterpret the message. This could be a XML parser or a parser for custom wire formats. In our scenario we do not parse the message on input but read it as a binary large object- a BLOB, because we just pass the message as a whole to the following WTX node.\\n2. The WTX node has the purpose to split a compound message containing an unknown \\nnumber of single check - notifications into single messages. These messages are XML messages as well. We explain the details of the WTX map in “WebSphere Transformation Extender configuration” on page 254. At this place, in the WebSphere TX node, we only have to reference the place where Message Broker can find the TX map on the server.\\n3. The parse node parses the output messages that the WTX node produced to make it \\nhandy for the further processing in the broker flow. In rare cases it can be clever to work directly on a BLOB, or parse only partial when needed. In most cases it is good to parse to the XML tree in advance, like we do here. \\n4. The route node makes a content based choice: Checks with an account number smaller \\nthan 2222222 go to the first Branch 1, the others to the second branch.\\n5. MQ output nodes that point to the branches’ queues.6. MQ output nodes that point to the branches’ queues.\\n Chapter 6. Financial Services scenario 253Message broker flow deployment\\nAfter developing the message flow in the Message Broker Toolkit, the flow needs to be \\ndeployed to the broker runtime environment on the server, as shown in Figure 6-73. Message flows are deployed to execution groups, which are the WebSphere Message Broker artefact for a completely distinct execution environment running its own jvm instance and native operation system processes.\\nFigure 6-73   Deploy a barfile to the broker runtime\\nIn our example, we run only a single execution group called “default” on the server. In real world operations, you might have some distinct execution groups for different projects of your enterprise, or representing for different clients (to design for isolation) or deploy message flows to some execution groups in parallel (to design for high loads).\\n 254 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsWebSphere Transformation Extender configuration \\nFor the extended financial services scenario, WebSphere Transformation Extender is used to \\nsplit the xml payments message into individual payments and then passed back to WebSphere Message Broker to continue processing. Because both input and output are defined by the xml schema definition described earlier in the chapter, no other type tree is needed. \\nThe same XSD is used to define both the input card, as shown in Figure 6-74, and the output \\ncard, as shown in Figure 6-75. \\nFigure 6-74   Input card for payments split map\\nY ou might notice that we set the document verification attribute to Well Formed (Xerces Only) in the input card because the xml is generated internally, and we know that it adheres to the xsd. Because WebSphere Transformation Extender does not perform verification on output, it is not necessary to set this attribute on the output card. \\n Chapter 6. Financial Services scenario 255Figure 6-75   Output card for payments split map\\nOne thing that you might notice about the output card is that we do not choose the entire \\ndocument as our output type. Because we are only interested in individual payment records, the type definition for the output card is the element (sequence) that contains the repeating group of payments (Checks).\\n 256 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 6-76 and Figure 6-77 show the two-step process for splitting the payment message \\ninto individual payments.\\nFigure 6-76   Executable map passing individual payment to the functional map\\nFigure 6-76 shows the executable map calling the functional map named PutCheckToWire, passing the xml element Checks. Checks contains the payment information to be used by the target application or service. Y ou might notice that we also pass a second parameter to the functional map using the syntax INDEX($). It is done solely to expedite testing the map. By passing in the current index of the payment, we can output each payment individually to a separate file and review the results to make sure that the correct data is passed to the output terminal from the functional map after we deploy to the target platform.\\n Chapter 6. Financial Services scenario 257Figure 6-77 shows the functional map used to output each Checks record to the named \\noutput terminal using the WIRE adapter with the PUT rule. In the second line of the rule, you see a comment containing the rule you would use to test using the FILE adapter as described in the earlier narrative discussing the executable map.\\nFigure 6-77   Using the PUT rule to pass each in dividual payment to the broker output terminal\\nWhen the map in Figure 6-77, executes it receives the xml message shown in Example 6-8.\\nExample 6-8   inbound xml payment message.\\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\\n<ChkFile><Checks><ABANum>183260101</ABANum><FromAcctNum>222225622010087</FromAcctNum><ChkNum>1</ChkNum><ChkAmt>800</ChkAmt><ChkDate>2011-05-05T00:00:00</ChkDate><ToAcctNum>660007045551212</ToAcctNum><Description80>Acct# 660007045551212 House Pmt</Description80></Checks><Checks><ABANum>111111111</ABANum><FromAcctNum>222222222222222</FromAcctNum><ChkNum>3333</ChkNum><ChkAmt>444.44</ChkAmt><ChkDate>2011-05-15T00:00:00</ChkDate><ToAcctNum>660678912345678</ToAcctNum><Description80>Description of 2nd check in list</Description80>\\n 258 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions</Checks>\\n<Checks><ABANum>123456789</ABANum><FromAcctNum>333333333333</FromAcctNum><ChkNum>4011</ChkNum><ChkAmt>1000</ChkAmt><ChkDate>2011-05-25T00:00:00</ChkDate><ToAcctNum>660123456789012</ToAcctNum><Description80>Description of 3rd check in list</Description80></Checks></ChkFile>\\nIt then splits the content of the message into individual messages, one for each payment, or \\nChecks record. Example 6-9 shows the result of executing the map based on the input shown in Example 6-8.\\nExample 6-9   Split messages after map is executed.\\nMessage 1...........<Checks><ABANum>183260101</ABANum><FromAcctNum>222225622010087</FromAcctNum><ChkNum>1</ChkNum><ChkAmt>800</ChkAmt><ChkDate>2011-05-05T00:00:00</ChkDate><ToAcctNum>660007045551212</ToAcctNum><Description80>Acct# 660007045551212 House Pmt</Description80></Checks>...........Message 2...........<Checks><ABANum>111111111</ABANum><FromAcctNum>222222222222222</FromAcctNum>\\n<ChkNum>3333</ChkNum>\\n<ChkAmt>444.44</ChkAmt><ChkDate>2011-05-15T00:00:00</ChkDate><ToAcctNum>660678912345678</ToAcctNum><Description80>Description of 2nd check in list</Description80></Checks>...........Message 3...........<Checks><ABANum>123456789</ABANum><FromAcctNum>333333333333</FromAcctNum><ChkNum>4011</ChkNum><ChkAmt>1000</ChkAmt><ChkDate>2011-05-25T00:00:00</ChkDate><ToAcctNum>660123456789012</ToAcctNum><Description80>Description of 3rd check in list</Description80></Checks>........... Chapter 6. Financial Services scenario 259As each individual record is split out, it is passed to the output terminal of the broker map \\nnode that is named, by literal, in the map rule. The broker continues processing each message as it is output to the terminal, while the map continues to split out additional messages. This scenario shows each message passed to the same named output terminal as it is split. However, it is also possible to  dynamically name the output terminal, if that \\nfunctionality is required. The only requirement is that the output terminal named in the map rule, be defined for the map node. After the last message written to the output terminal, the map completes and broker continues processing.\\n6.7  Conclusion\\nIn spite of its simplicity, th e scenario described in this ch apter illustrates two interesting \\nintegration aspects between IBM Sterling and IBM WebSphere portfolios.\\nThe first aspect is the integration between WebSphere Transformation Extender Maps in \\nSterling B2B Integrator which is achievable in two ways, using the WTX Map service in a Business Process or using a WebSphere Translation Extender map in the proprietary Translation service. \\nThe second integration aspect concerns the communication between Sterling B2B Integrator \\nand a WebSphere Message Broker infrastructure through MQ, which is the recommended approach to implement such a communication. \\nIn general, it is achievable because Sterling B2B Integrator includes the WebSphereMQ \\nSuite, a group of services and a communication s adapter that provide maximum flexibility and \\nfunctionality by enabling you to script a complete MQ session using a business process. \\nThe suite also includes an adapter that you can use for asynchronous receiving - the \\nWebSphereMQ Async Receiver adapter.\\nSterling B2B Integrator still in cludes the original WebSpher eMQ adapter, which might serve \\nyour needs better if your MQ communications are fairly basic. \\nAs stated above, MQ communication is the recommended practice to integrate Sterling \\nBusiness Integration Suite with WebSphere Message Broker infrastructure. However, because the latest fix pack of WebSphere Mess age Broker v.7.0, it is also possible to \\nestablish a bridge with a dedicated Connect:Direct server that needs to be installed by the WebSphere Message Broker, in the same server. Y ou then establish a connection with a Connect:Direct Server Adapter instance of Sterling B2B Integrator. \\nLastly, because both Sterling B2B Integrator and WebSphere Message Broker support the \\nmost common communication protocols, like H TTP , HTTPS, or FTP , and now Connect:Direct, \\nit is even possible to establish a connection using one of those protocols. However, this would not be a recommended practice because it won\\'t make use of MQ whereas MQ is the preferred communication mean.  260 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions © Copyright IBM Corp. 2012. All rights reserved. 261Chapter 7. Supply Chain scenario using \\nAS2 and EDI\\nThis chapter provides an example scenario describing how to use the WebSphere DataPower \\nB2B Appliance XB62 in conjunction with Sterling Integrator, WebSphere MQ, and WebSphere Transformation Extender to consume and proc ess an AS2 packaged message that contains \\nan EDI purchase order.\\nThis chapter includes the following sections:\\n/SM5900007.1, “Business value” on page 262\\n/SM5900007.2, “Prerequisites: Technical and infrastructure” on page 262\\n/SM5900007.3, “Presenting the scenario” on page 263\\n/SM5900007.4, “Configuring the scenario” on page 265\\n/SM5900007.5, “Testing the scenario” on page 307\\n/SM5900007.6, “Conclusion” on page 3127 262 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions7.1  Business value\\nThe EDIINT B2B pattern is commonly used in supply chain scenarios where companies want \\nto securely exchange EDI data over the Inte rnet. The Applicability Statements (AS1, AS2, \\nAS3) provide a mechanism to securely transport data over a public network. They provide encryption, signatures, and identity of the sender and receiver as well as providing for non-repudiation of origin and receipt. Although EDIINT stands for EDI over the Internet, over the years it has evolved to be payload agnostic and is commonly used to envelope any payload data format. This pattern as depicted in this example demonstr ates the ability of the \\nB2B appliance to provide edge security in and to consume an AS2 message from a trading partner that contains an EDI payload. It furthe r demonstrates the IBM ca pability to integrate to \\nSterling Integrator and WTX for downstream document processing. \\nThe business value of using WebSphere DataPower in conjunction with both Sterling \\nIntegrator and WebSphere Transformation Extender to deliver this pattern is significant. Each product compliments the others, providing combined functionality encompassing a much broader range of B2B flow scenarios than could have been accomplished when used individually. \\nNext we provide is a brief description of the key value of each product:\\n/SM590000The IBM WebSphere® DataPower® B2B Appliance redefines the boundaries of \\nmiddleware by extending the IBM SOA Foundation with a specialized, consumable, dedicated SOA appliance that combines business-to-business (B2B) standards, simplified integration, superior performance, and hardened security for SOA implementations. It is meticulously designed to augment all phases of the SOA life cycle and implementation. \\n/SM590000Sterling Integrator is a transaction engine and toolkit that allow the user to define, create, \\nimplement, and manage process flows. These flows, in turn, allow for the processing, routing, translation, and storage of high volumes of inbound and outbound messages or files. They can also interact and integrate with both internal systems and external business partners.\\n/SM590000WebSphere Transformation Extender WTX is the IBM universal transformer, designed to \\nbe the Enterprise Data Transformation standard. Its consistent data transformation and enrichment capabilities redu ce application development and maintenance costs, \\nstandardize components, provide reuse of both as sets and skill sets across the enterprise, \\nand decrease the time to market of new applications.\\n7.2  Prerequisites: Technical and infrastructure\\nThere are some prerequisites necessary in order to fully understand the scenario and to set it up successfully in your own infrastructure.\\n7.2.1  Software prerequisites\\nIn order to be able to run this scenario, you must have installed the following components:\\n/SM590000WebSphere DataPower B2B Appliances XB62 (Appliance)\\n/SM590000ibm sterling B2B integrator \\n/SM590000WebSphere Transformation Extender for Integration Servers\\n/SM590000WebSphere Transformation Extender Design Studio\\n/SM590000WebSphere Transformation Extender Industry Pack for EDI-X12\\n/SM590000WebSphere MQ Chapter 7. Supply Chain scenario using AS2 and EDI 2637.2.2  Skills prerequisites\\nIn order to fully implement and understand  this scenario, you need to be familiar with:\\n/SM590000B2B Messaging (AS2) and EDI-X12 (basic knowledge)\\n/SM590000WebSphere DataPower B2B Appliances XB62 basic concepts ( IBM WebSphere \\nDataPower B2B Appliance XB60 Revealed , SG24-7745)\\n/SM590000IBM Sterling B2B Integrator basic concepts\\n/SM590000WebSphere MQ basic concepts\\n/SM590000WebSphere Transformation Extender basic mapping techniques\\n7.3  Presenting the scenario\\nThis section provides an overview of the data flow for this scenario. For this particular \\nscenario, we are implementing a two-way flow where we receive an AS2 message that corresponds with an incoming purchase order (X12-850 format). We send an AS2 message back to the partner that corresponds to a functional acknowledgement (EDI 997 format).\\n7.3.1  Primary scenario\\nAs you can see in Figure 7-1, the scenario can be divided into two logical data flows:\\n/SM590000The inbound flow, where we receive the AS2 message containing the X12-850 purchase \\norder from the trading partner\\n/SM590000The outbound flow, where we send the corresponding AS2 message containing the \\nX12-997 functional acknowledgement to the trading partner that was generated by Sterling Integrator\\nNext we describe each step as the data flows through the XB62, pictured in Figure 7-1:\\n1. An EDI-850 payload is wrapped in an AS2 message envelope and sent to the B2B \\nappliance sitting in the DMZ.\\n2. The B2B appliance receives the AS2 message, verifies the partner information, and \\nunpackages the AS2 envelope.\\n3. The B2B Gateway routes the X12-850 to the MQ queue defined in the internal partner \\nprofile’s destination setting.\\n4. After the X12-850 is successfully written to the MQ queue the B2B Gateway generates \\nand sends an AS2 message disposition notification (MDN) back to the sending partner’s system to inform it that the message was successfully received and the B2B Gateway marks the X12-850 transaction as complete.\\n5. Sterling Integrator picks up the X12-850.\\n6. Sterling Integrator validates its using WTX, generates an X12-997, routes the X12-997 to \\nan out queue that is linked to the XB62 B2B Gateway.Tip: It is important to point out that we are only demonstrating a single EDI transaction flow \\nand its acknowledgement in this section. In most cases, a customer’s supply chain pattern might contain multiple transactions that represent a full conversation. For example, a purchase order might be responded to with an advanced ship notice (X12-856) and an invoice (X12-810) that are related to the order that was received. 264 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions7. Sterling Integrator uses a map created using the WTX X12 Industry pack to transform the \\nX12-850 to XML.\\n8. The B2B Gateway picks up the X12-997 from the out queue.\\n9. The B2B Gateway identifies the sending and receiving partner from the ISA header, \\napplies the attributes as defined in the receiving partner profile and wraps the X12-997 in an AS2 messaging envelope as defined in the external partner profile’s destination setting.\\n10.The B2B Gateway routes the AS2 message carrying the X12-997 payload to the external \\ntrading partner’s configured destination. \\n11.The external trading partner sends a message disposition notification (MDN) to the B2B \\nGateway to inform it that the message was successfully received.\\n12.The B2B Gateway logs the X12-997 transaction as complete.\\nFigure 7-1   Supply Chain - purchase order data flow\\n7.3.2  Alternate scenarios\\nThe primary scenario just described demonstrates how Sterling can integrate with IBM \\nproducts to give the customer the most comprehensive capabilities possible to meet their most challenging B2B integration needs. However, not all customers need to support complex B2B flows and could potentially benefit from an alternative less comprehensive solution. This section lists some of the possible alternatives.\\n/SM590000If your company has no need to provide comprehensive security and B2B integration \\ncapabilities in the DMZ and only  need to proxy data to Ster ling Integrator, you can place \\nSterling Secure Proxy or a standard TCP/IP based proxy in the DMZ instead of DataPower.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 265/SM590000If your company standardized on WebSphere for Internal integration, you can use \\nWebSphere DataPower in the DMZ and WebSphere Message Broker in conjunction with WebSphere Transformation Extender in the secured network to meet your needs.\\n/SM590000If your company standardized on Gentran Integration for EDI, you can use it in this \\nscenario instead of WebSphere Transformation Extender.\\n7.4  Configuring the scenario\\nThis section describes how to configure each product used in the primary scenario depicted in Figure 7-1 on page 264 as well as testing the both the inbound and outbound data flows.\\nThe following artifacts are needed to support this configuration and can be downloaded using \\nthe instructions found in Appendix A, “Additional material” on page 333.\\nXB62 artifacts:\\n/SM590000SCS_DataPowerArtifacts.zip  (contains DataPower Import file to fully configure the \\nsimulated partner, the X.509 certificates used in the profiles and the EDI test file).\\n/SM590000SCS_WTXArtifacts1.zip  (contains the compliance artifacts needed to execute the X12 \\ncompliance maps. When extracted, the zip creates the directory structure, and puts all configuration files and map files in the proper location. The zip should be extracted at the root directory of the server that hosts the Sterling B2B Integrator).\\n/SM590000SCS_WTXArtifacts2.zip  (contains the Project Interchange needed to create the Extender \\nProject needed to build the maps needed for this scenario. From within WebSphere Transformation Extender Design Studio, import this zip as a Project Interchange).\\n7.4.1  Configuring the IBM WebSphere B2B Appliance XB62\\nThis section contains the steps involved in configuring the WebSphere DataPower B2B \\nAppliance XB62 to trade AS2 messages with your trading partners, More specifically, it covers these tasks:\\n/SM590000Import of the simulated Trading Partner B2B hub into the XB62\\n/SM590000Creation of an Application Domain to be used to house your B2B hub:\\n– Creation of your internal profile, which is composed of your company\\'s trading \\ninformation and your keys and certificates.\\n– Creation of the trading partner\\'s external profile, which is composed of your partner\\'s \\ntrading information and their public certificate.\\n– Configuration of the XB60 B2B Gateway for trading AS2 messages:\\n\\x81 Creation of an AS2 Front-side Protocol Handler to be used for receiving AS2 \\nmessages from trading partners\\n\\x81 Creation of an HTTP Front-side Protocol Handler to be used for receiving files from \\nthe backend systems\\n\\x81 Association of profiles with the B2B Gateway\\n\\x81 Configuration of an data archive process to keep the system free of outdated \\ntransaction data 266 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsAfter you have completed this section, you can expect to have a better understanding of what \\nit takes to configure the XB60 for AS2 communication.\\nImport the simulated trading partner domain\\nThe DataPower XB62 has the ability to logically se parate configurations by allowing multiple \\nDataPower Domains to be  configured on the device. We use this ability to create a simulated \\ntrading partner to trade AS2 with. Unlike traditional B2B Software, a separate instance and/or install of the B2B Gateway is not needed to simulate trading partners:\\n1. Launch your Internet browser and log on to the XB62\\'s Web GUI as \\nAdmin  into the default  \\ndomain. Y ou need Admin privileges to configure many of the objects.\\n2. From the console, click the  Import Configuration link as shown in Figure 7-2.\\nFigure 7-2   Import Configuration\\n3. In the Import Configuration view (Figure 7-3) be sure that the ZIP radio button is selected \\nand click the  Choose File button. Navigate to the directory where you placed the \\nadditional materials for this chapter, and select the SCS_PARTNER_DOMAIN.zip  file. Click the \\nNext  button to continue.Installation:  The installation of the XB62 is not covered in this book. For information about \\nhow to install DataPower Appliances, see the DataPower Common Installation Guide . For \\nthe purpose of this book, we configure a B2B Gateway in a single domain to act as your B2B hub. The Partner\\'s B2B hub is pre-configured and is imported into its own Domain to allow us to simulate a Trading Partner without the need for another machine. \\nThis book assumes that you are using your own XB62 and have Admin access to the \\ndevice. All IP addresses, ports, queues, object names, and so on, reflected are for the purpose of this example only. Y our actual configuration can differ and contain settings specific to your environment.\\nDependencies:  This configuration is dependent on a connection to an MQ Queue \\nManager for delivering files to Sterling Integrator. Be sure you have access to an MQ Queue Manager and the queues that you intend to use prior to configuring the MQ Queue Manager object in DataPower. \\n Chapter 7. Supply Chain scenario using AS2 and EDI 267Figure 7-3   Import Configuration - Browse File\\n4. The Import Configuration view (Figure 7-4) displays information regarding the domain to \\nbe imported. Be sure to check the box next to the Partner  domain and click Next to \\ncontinue.\\nFigure 7-4   Import Configuration - Select Partner domain\\n5. The Import Configuration view displays a list of objects to be imported, a list of objects that \\nalready exist and a list of files that can differ from existing files. The objects that we need should already be checked, so click the Import button to continue.\\n6. The Import Configuration view disp lays the results of the import. Click the Done  button to \\ncomplete the import.\\n7. Click the Save Config  link in the top menu bar just to the left of the Domain drop-down.\\n 268 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsConfigure the Partner Domain\\nDataPower has a built in security  mechanism that prevents the us er from having the ability to \\nexport keys and certificates from the device. Because DataPower does not allow the export of keys and certificates, we must associate the keys and certificates used for trading AS2 to the internal and external partner profiles associated with the Partner gateway.\\nFollow these steps:\\n1. Change into the Partner  domain by clicking the drop-down next to \\nDomain  on the top \\nmenu bar. See Figure 7-5.\\nFigure 7-5   Change Domains\\n2. From the Control Panel , click the B2B Partner Profiles  link as seen in Figure 7-6. The \\nprofile list as seen in Figure 7-7 shows both the internal and external profiles are down.\\nFigure 7-6   Control Panel - Profile Link\\nFigure 7-7   Profile List View - downTip: In the Partner’s domain, your profile. mycompany, is an external profile. It is because \\nthe partner’s B2B Gateway sees you as an external entity, and only your public certificates are available to the partner. Later in this chapter, you can create your own Domain where the partner profile is external and your profile is internal.\\nIf you are new to DataPower B2B, the concept of internal and external partner profiles \\nmight be confusing. For a good explanation of this concept, see section 7.1.1 in the book, IBM WebSphere DataPower B2B Appliance XB60 Revealed , SG24-7745.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 2693. Click mycompany  in the Name  column to edit the profile.\\nc. In the Configure B2B Partner Profile  view click the AS Settings  tab.\\nd. In the Inbound Security section, click the Edit (...) button next to the Inbound \\nSignature Validation Credential field. See Figure 7-8.\\nFigure 7-8   Configure mycompany AS Settings\\ne. In the Configure Crypto Validat ion Credentials, view, click the pencil  just to the right of \\nMycompany_Cert in the Certificates field.\\nf. In the Configure Crypto Certificate view, click the Upload button next to the File Name \\nfield.\\ng. In the Upload File to Directory cert:/// view, click Choose File  just under the File to \\nUpload field. Navigate to the location where you unzipped the SCS_DataPowerArtifacts.zip  file, select the mycompany-sscert.pem  file and click \\nOpen .\\nh. Be sure Overwrite Existing File  is checked, then click the Upload  button at the \\nbottom of the view.\\ni. Click Continue  in the upload success window. It puts you back into the Configure \\nCrypto Certificate view.\\nj. Click the Apply  button in the Configure Crypto Certificate view. It  puts you back into the \\nConfigure Crypto Validation Credentials view.\\nk. Click the Apply  button in the Configure Crypto Validation Credentials view. It puts you \\nback into the AS Settings  tab of the Configure B2B Partner Profile view.\\nl. Click the Apply  button in the Configure B2B Partner Profile view. It puts the \\nmycompany profile in an Up state.\\nm. Click Save Config  on the top menu bar, just to the right of the Domain drop-down.\\n 270 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions4. To quickly return to the profile list view, click the B2B Partner Profile  portion of the \\nConfigure B2B Partner Profile at the top of the view, as shown in Figure 7-9.\\nFigure 7-9   Return to the profile list view\\n5. Click the Partner  profile to edit it:\\na. In the Configure B2B Partner Profile view, click the AS Settings tab.\\nb. In the Inbound Security section, leave the Require Signature and Require Encryption \\nboxes unchecked and click the edit (...) button next to Inbound Decryption Identification \\nCredential field. See Figure 7-10.\\nFigure 7-10   Configure Partner AS settings\\nc. In the Configure Crypto Identification Credentials view, click the  edit (...)  button next to \\nthe Crypto Key field.\\nd. In the Configure Crypto Key view, click the Upload  button next to the File Name field.\\ne. In the Upload File to Directory cert:/// view, click Choose File under the File to Upload \\nfield. Navigate to the location where you unzipped the SCS_DataPowerArtifacts.zip  \\nfile, select the partner-privkey.pem  file, and click Open .\\nf. Be sure Overwrite Existing File  is checked, then click the Upload  button at the \\nbottom of the view.\\ng. Click  Continue  in the upload success window. It puts you back into the Configure \\nCrypto Key view.\\nh. Click the Apply button in the Configure Crypto Key view. It puts you back into the \\nConfigure Crypto Identification Credentials view.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 271i. In the Configure Crypto Identification Credentials view, click the edit (...)  button next to \\nthe Certificate field.\\nj. In the Configure Crypto Certificate view, click the Upload  button next to the File Name \\nfield.\\nk. In the Upload File to Directory cert:/// view, click Choose File  under the File to Upload \\nfield. Navigate to the location where you unzipped SCS_DataPowerArtifacts.zip , \\nselect the partner-sscert.pem  file, and click Open .\\nl. Be sure Overwrite Existing File is checked, then click the Upload  button at the bottom \\nof the view.\\nm. Click Continue  in the upload success window. It puts you back into the Configure \\nCrypto Certificate view.\\nn. Click the Apply  button in the Configure Crypto Certificate view. It  puts you back into the \\nConfigure Crypto Identification Credentials view.\\no. Click the Apply  button in the Configure Crypto Identification Credentials view. It puts \\nyou back into the AS Settings tab of the Configure B2B Partner Profile view.\\np. Click the Apply  button in the Configure B2B Partner Profile view. It puts the Partner \\nprofile in an Up state.\\nq. Click Save Config  on the top menu bar, just to the right of the Domain drop-down.\\nCreate your Appl ication Domain\\nIn this section you are creating a domain to be used to house the configuration needed to \\nsupport your B2B flows. \\nFollow these steps:\\n1. Change back into the default domain by clicking the drop-down next to Domain on the top \\nmenu bar. \\n2. In the left navigation menu, search on the word “Application” and select Application \\nDomain  as seen in Figure 7-11.\\nFigure 7-11   Left navigation menu - search for Application DomainNext:  Y ou have completed the import and configuration of your simulated trading partner. \\nYou are now ready to create your application domain to be used to house your profiles and your B2B Gateway service.\\nTip: If you already understand how to configure the DataPower XB62 for connecting to \\nyour AS2 trading partners, you can bypass this section by importing SCS_MYDOMAIN_DOMAIN.zip  from the location where you unzipped \\nSCS_DataPowerArtifacts.zip . Be sure to import the appropriate certificates in the AS \\nSettings tabs for both profiles, just like you did for the Partner domain.\\n 272 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions3. In the Configure Appl ication Domain view, Main  tab, enter a descriptive name in the Name \\nfield. In this example, we used MyDomain.\\n4. Check the Enable Auditing and Enable Logging boxes at the bottom of the view and click \\nthe Apply  button to create the domain.\\n5. Click Save Config  on the top menu bar, just to the right of the Domain drop-down.\\n6. Switch into your newly created domain by clicking the drop-down next to Domain in the top \\nmenu bar and selecting MyDomain.\\nCreate an MQ Manager Object\\nFollow these steps:\\n1. In the left navigation menu, search on MQ and select MQ Queue Manager.\\n2. In the Configure MQ Queue Manager list view click in the Add button to create a Queue \\nManager Object.\\n3. Configure the Main  tab as described in the following steps. See Figure 7-12.\\na. In the Name field, enter a descriptive name for the MQ Queue Manager object; in this \\nexample we used B2B02.\\nb. Check enabled  in the Administrative State field.\\nc. Optionally add comments that describe this MQ Queue Manager object.d. In the Host Name field, enter the IP address or host name and port of the MQ server \\nyou are connecting to; in this example we used 9.42.170.226:1414.\\ne. In the Queue Manager Name field, enter the name of the MQ Queue Manager your are \\nconnecting to; in this example we used B2B02.\\nf. In the Channel Name field, enter the name of the MQ connection channel you are \\nconnecting to; in this example we used B2B.SUPPL YCHAIN.DP .\\ng. Enter the username used to connect to the channel that is being used. In this example, \\nwe used an internal name that has the appropriate rights on the MQ Server.Tip: From this point forward, all of your configuration is done in MYDOMAIN. For the \\npurpose of this lab, we stay logged in as admin, however, in a real world deployment, you normally create a User ID and assign appropriate rights to the user that enables them to create and configure objects in this domain, restricting access to the default domain to only the primary Admin user.\\nTip: The best practice for connecting to MQ is to leave the user empty in the DataPower \\nconfig, and to insert a local technical user  with limited access in the MQ config. \\nAuthorization is managed by the rights of this user and Authentication would best be done through SSL.  Chapter 7. Supply Chain scenario using AS2 and EDI 273Figure 7-12   MQ Queue Manager Configuration - Main tab\\n4. Configure the Connections tab as described in the following steps. See Figure 7-13.\\na. Click the Connections  tab; the Name field carries over to the Connections view; \\ndo not change it.\\nb. In the Retry Behavior section, change the retry settings as described here:\\ni. Be sure the Automatic Retry is set to on.\\nii. Set the Retry Interval to 60 seconds.iii. Set the Retry Attemp ts to 3 attempts.\\niv. Set the Long Retry Interval to 600 seconds\\nv. Set the Reporting Interval to 300 seconds.vi. Leave the default values in all remaining fields. \\n 274 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 7-13   MQ Queue Manager  Configuration - Connection tab\\n5. Click the Apply  button at the top left of the Configure MQ Queue Manager view to \\ncomplete the MQ Queue Manager configuration.\\n6. Click Save Config on the top menu bar, just to the right of the Domain drop-down.\\nTip: If DataPower can connect to your queue manager, it is in an Up state. Otherwise, if it \\nis in a Down state, you cannot  write the files to the MQ backend as demonstrated in this \\nexample until you resolve the connectivity issue.\\nNext:  Y ou have completed the configuration of a MQ Queue Manager object to be used in \\nour example as the back-side integration exchange point. Y ou are now ready to create your internal partner profile.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 275Create your internal profile\\nIn this section, you are creating your company\\'s profile to be used for identifying yourself to \\nyour external trading partner, for applying trading partner policy or agreement attributes to the connection, and for integrating to the backend system; WebSphere MQ in this example:\\n1. Click the B2B Partner Profile  icon in the Control Panel view.\\n2. In the Configure B2B Partner Profile list view, click the  Add  button to create your internal \\nprofile. \\n3. Configure the Main  tab as described in the following steps. See Figure 7-14.\\na. In the Name field, enter a descriptive name for your Internal Profile; in this example we \\nused mycompany.\\nb. Choose enabled  in the Administrative State field.\\nc. Optionally add comments that describe this profile.d. Choose Internal  in the Profile Type field.\\ne. In the Partner Business IDs field, enter your IDs; in this example, we used \\nZZMYCOMPANY, which matches the EDI file that we test later in this chapter. Type in the ID and click the  Add  button.\\nf. Leave all remaining fields set to the default values.\\nFigure 7-14   Configure internal partner profile - Main tab\\nTip: Do not click the Apply  button at this point. We  still have some required \\nconfiguration needed to complete this profile.\\n 276 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions4. Configure the AS Settings  tab as described in the following steps:\\na. Click the AS Settings tab. The Name field carries over to the AS Settings view. \\nDo not change it.\\nb. In the Inbound Security section, leave the Require Signature and Require Encryption \\nboxes unchecked and click the plus sign  icon to create a new Inbound Decryption \\nIdentification Credential. See Figure 7-15.\\nFigure 7-15   Configure internal partner profile - AS Settings tab\\nc. In the Configure Crypto Identification Credentials view Name field, enter a descriptive \\nname for this credential. In this example, we used mycompany_decrypt. See Figure 7-16.\\nd. Choose enabled  in the Admin State field.\\ne. Click the plus sign  icon next to the Crypto Key field to create/upload the Crypto Key.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 277Figure 7-16   Configure Cryp to Identification Credentials\\nf. In the Configure Crypto Key view Name field, enter a descriptive name for this key. In \\nthis example, we used mycompany_privkey.\\ni. Choose enabled  in the Admin State field.\\nii. Click the Upload  button in the File Name field.\\niii. In the Upload File to Directory cert:/// view, click Choose File  under the File to \\nUpload field. Navigate to the location where you unzipped the \\nSCS_DataPowerArtifacts.zip  file, select the mycompany-privkey.pem  file and click \\nOpen .\\niv. Be sure Overwrite Existing File  is checked, then click the Upload  button at the \\nbottom of the view.\\nv. Click Continue in the upload success window. It puts you back into the Configure \\nCrypto Key view.\\nvi. Enter the password used for the mycompany-privkey.pem file in both fields. In this \\nexample, the key password is “datapower”.\\nvii. Click the Apply button in the Configure Crypto Key view. It puts you back into the \\nConfigure Crypto Identification Credentials view.\\ng. Now that we are back in Configure Crypto Identification Credentials view, we need to \\nupload the certificate that is associated with th e key. Click the  plus sign icon next to \\nthe Certificate field to create/upload the Certificate. See Figure 7-16.\\nh. In the Configure Crypto Certificate view, Name field, enter a descriptive name for this \\ncert. In this example, we used “mycompany_cert”.\\ni. Choose enabled  in the Admin State field.\\nii. Click the Upload  button in the File Name field.\\n 278 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutionsiii. In the Upload File to Directory cert:/// view, click Choose File  under the File to \\nUpload field and navigate to the location where you unzipped the SCS_DataPowerArtifacts.zip , select the mycompany-sscert.pem  file and click Open .\\niv. Be sure Overwrite Existing F ile is checked then click the Upload  button at the \\nbottom of the view.\\nv. Click Continue  in the upload success window. It puts you back into the Configure \\nCrypto Certificate view.\\nvi. Leave the Password fields blank (they are not needed for the certificate) and take \\nthe defaults for everything else.\\nvii. Click the  Apply  button in the Configure Crypto Certificate view. It puts you back into \\nthe Configure Crypto Identification Credentials view.\\ni. In the Configure Crypto Identification Credentials view, leave the Intermediate CA \\nCertificate field empty because we are using Self-Signed Certificates.\\nj. After both credentials are configured, click the  Apply  button, which puts you back into \\nthe AS Settings view.\\nk. In the Outbound Security section be sure the Sign Outbound Messages box is checked \\nand click the plus sign  button to create a new Signing Identification Credential. See \\nFigure 7-17.\\nFigure 7-17   Outbound Security  - Signing Identification Credentials\\n Chapter 7. Supply Chain scenario using AS2 and EDI 279l. In the Configure Crypto Identification Credentials view, Name field, enter a descriptive \\nname for this credential; in this example we used mycompany_signature_cred.\\ni. Choose enabled  in the Admin State field.\\nii. Because we using the same key to decryp t and sign we can use the key and cert \\nthat we already imported, click the drop-down next to the Crypto Key and the Certificate fields and select the same credentials we used for inbound security. \\niii. In the Configure Crypto Id entification Credentials screen , leave the Intermediate CA \\nCertificate field empty because we are using Self-Signed Certificates.\\niv. After both credentials are configured as seen in Figure 7-18, click the  Apply  button, \\nwhich puts you back into the AS Settings screen.\\nv. In the AS Settings view, leave all of the remaining fields set to the default values.\\nFigure 7-18   Outbound Security - Configure Crypto Identification Credentials - completed\\n5. Configure the Destinations  tab as described in the following steps:\\na. Click the Destinations  tab. The Name field carries over to the Destinations view. \\nDo not change it. See Figure 7-19.\\nb. In the Destinations section, click the Add button to add a destination to this profile. \\nBecause this profile is an internal profile the destination is a system or application inside the private network. For this example, we are going to use MQ as an Integration exchange point.\\nc. Enter a descriptive name in the Destination Name field; in this example we used \\n“mycompany_MQ_B2B02”.\\nd. Be sure all of the boxes are checked under the Enabled Document Type section.Tip: Do not click the Apply  button at this point. We  still have some required \\nconfiguration needed to complete this profile.\\n 280 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutionse. In the Connection Section, Destination URL drop-down, select dpmq:// and enter \\n“B2B02/?RequestQueue=SUPPLY.B2B.REQUEST” .\\nf. In the Destinatio n Box, click the Apply  button at the bottom left to save the destination \\nto the list.\\nFigure 7-19   Mycompany Internal Profile - Destination Tab\\n6. Optionally configure the Partner Profile Contacts  tab.\\n7. Click the Apply  button in the top left corner of the Configure B2B Partner Profile view to \\nsave your internal profile.\\n8. Click Save Config  on the top menu bar, just to the right of the Domain drop-down.\\nNext:  Y ou have completed the configuration of your internal profile, you are now ready to \\ncreate the partner’s external profile.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 281Create the Partner’s external profile\\nIn this section, you are creating your trading partner’s profile to be used for verifying their \\nidentity, for applying trading partner policy or agreement attributes to the connection and for integrating to your external trading partner over a specified protocol, AS2 in this example.\\n1. If you are not already in the B2B Partner Profile list view, click the B2B Partner Profile  \\nicon in the Control Panel view.\\n2. In the Configure B2B Partner  Profile list view click the Add button to create your partner’s \\nexternal profile. \\n3. Configure the Main tab as described in the following steps. See Figure 7-20.\\na. In the Name field, enter a descriptive name for your Internal Profile. In this example, we \\nused “partner”.\\nb. Choose enabled  in the Administrative State field.\\nc. Optionally add comments that describe this profile.d. Choose External  in the Profile Type field.\\ne. In the Partner Business IDs field, enter your IDs; in this example we used ZZYOUR \\nCOMPANY which matches the EDI file that we test later in this chapter, type in the ID and click the Add button.\\nf. Leave all remaining fields set to the default values.\\nFigure 7-20   Configure external partner profile - Main tab\\nTip: Do not click the Apply  button at this point. We  still have some required \\nconfiguration needed to complete this profile.\\n 282 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions4. Configure the AS Settings tab as described in the following steps. \\na. Click the AS Settings  tab; the Name field carries over to the AS Settings view, do not \\nchange it.\\nb. In the Inbound Security section, click the plus sign  button to create a new Inbound \\nSignature Validation Credential. See Figure 7-21.\\nFigure 7-21   Configure external partner profile - AS Settings tab\\nc. In the Configure Crypto Validation Credentials view, Name field, enter a descriptive \\nname for this credential. In this example, we used “partner_signval”. See Figure 7-22 on page 283.\\nd. Choose enabled  in the Admin State field.\\ne. Click the plus sign  button next to the Add button in the Certificates field to \\ncreate/upload the partner’s certificate.\\nf. In the Configure Crypto Certificate view, enter a descriptive name for the crypto \\ncertificate. In this example, we used “partner_cert”.\\ng. Click the Upload  button next to the File Name field.\\nh. In the Upload File to Directory cert:/// view, click Choose File  just under the File to \\nUpload field. Navigate to the location where you unzipped the SCS_DataPowerArtifacts.zip  file, select the partner-sscert.pem file, and click Open .\\ni. Be sure Overwrite Existing F ile is checked then click the  Upload  button at the bottom \\nof the view.\\nj. Click Continue  in the upload success window. It puts you back into the Configure \\nCrypto Certificate view.\\nk. Leave the password fields blank, public certs do not need passwords.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 283l. Click the Apply  button in the Configure Crypto Certificate view. It  puts you back into the \\nConfigure Crypto Validation Credentials view.\\nm. Set Use CRL to Off.\\nn. Click the  Apply  button in the Configure Crypto Validation Credentials view. It puts you \\nback into the AS Settings tab of the Configure B2B Partner Profile view.\\nFigure 7-22   Inbound Security - Configure Crypto Validation Credentials\\nTip: Do not click the Apply  button at this point. We  still have some required \\nconfiguration needed to complete this profile.\\n 284 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions5. Configure the Destinations  tab as described in the following steps:\\na. Click the Destinations  tab; the Name field carries over to the Destinations view. \\nDo not change it. See Figure 7-23 and Figure 7-24.\\nb. In the Destinations section, click the Add button to add a destination to this profile. \\nBecause this profile is an external profile the destination is the trading partner’s URL, For this example we are going to use AS2 as  the preferred method of exchanging files.\\nc. Enter a descriptive name in the Destination Name field. In this example, we used \\n“Partner_AS2_31001”.\\nd. Be sure all of the boxes are checked under the Enabled Document Type section.\\ne. In the Connection Section, Destination URL drop-down select AS2:// and enter the IP \\naddress or host name of your XB62. For this example, we used 127.0.0.1:31001. Also change the Connection Timeout to 120 seconds.\\nf. In the AS Outbound Security section check the box next to Encrypt Messages, use the \\ndrop-down to select partner_cert and use the default value for Encryption Algorithm.\\ng. In the Advanced AS Behavior section, check the box next to Request MDN, change the \\nTime to Acknowledge to 120 and check the box next to Request Signed MDN.\\nh. Take the default values for all other fields.\\ni. In the Destinatio n Box, click the  Apply button at the bottom left to save the destination \\nto the list.\\nFigure 7-23   Mycompany External Profile - Configure Destination Tab\\n Chapter 7. Supply Chain scenario using AS2 and EDI 285Figure 7-24   Mycompany External Profile - Configure Destination Tab - AS2\\n 286 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions6. Optionally, configure the Partner Profile Contacts  tab.\\n7. Click the Apply  button in the top left corner of the Configure B2B Partner Profile view to \\nsave the partner’s external profile.\\n8. Click Save Config  on the top menu bar, just to the right of the Domain drop-down.\\nCreate your B2B Gateway Service\\nThe B2B Gateway service is the engine that ties everything together. It uses profile \\nmanagement to ensure that all data that passes through the service is associated with a trading partner agreement between you and your external partner. This service is capable of natively extracting business ID’s from EDI-X12, EDIFACT and XML files, if the files do not have business IDs to extract or are of a format the Gateway does not understand, they are treated as Binary and the business IDs can be  set using a Routing Pre-processor stylesheet. \\nFor this example we are using EDI-X12 payloads. For more information about how to \\nconfigure Binary trading relationship, see Chapters 12 and 13 in the Redbooks publication, IBM WebSphere DataPower B2B Appliance XB60 Revealed , SG24-7745. \\n1. From the Control Panel, click the B2B Gateway Service  icon, or search on “B2B” in the \\nleft navigation menu and select B2B Gateway Service.\\n2. In the Configure B2B Gateway list view, click the Add button.\\n3. Configure the  Main tab as described in the following steps. See Figure 7-25.\\na. Enter the B2B Gateway name in the Name field. In this example we used \\nMY_B2BGATEWAY .\\nb. Choose enabled  in the Administrative State field.\\nc. Optionally add comments that describe this gateway.\\nd. Take the defaults for the Document Storage Location and XML Manager fields.Next:  Y ou have completed the configuration of your partner’s external profile. Y ou are now \\nready to create your B2B Gateway Service. Chapter 7. Supply Chain scenario using AS2 and EDI 287Figure 7-25   Configure MyCompany B2B Gateway Service\\ne. In the Document Routing section, create and configure an AS2 Front Side Handler; this \\nhandler is used to receive AS2 messages an d MDNs from the trading partner, Click the \\nplus sign  in the Front Side Protocol Handlers list and select AS2 Front Side Handler. \\nSee Figure 7-26.\\ni. In the  Main  tab, Name field, enter a descriptive name for this listener. In this \\nexample, we used mycompany_as2_31020.\\nii. Choose enabled in the Admin State field.\\niii. Optionally add comments th at describe this handler.\\niv. Use 127.0.0.1 in the Local IP Address field. \\n 288 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutionsv. In the Port Number field, enter an available port number, in this example we used \\n31020.\\nvi. Use the default values for all other fields and click the Apply  button.\\nf. In the Front Side Protocol Handlers section, click ( + Add ) to add the listener to the \\nFront Side Protocol list.\\nFigure 7-26   Configure AS2 Front Side Protocol Handler\\ng. In the Document Routing section, create and configure a MQ Front Side Handler. This \\nhandler is used to receive the 997’s from the Sterling Integrator through MQ, Click the \\nplus sign  in the Front Side Protocol Handlers list and select MQ Front Side Handler. \\nSee Figure 7-27.\\ni. In the Main  tab, Name field, enter a descriptive name for this listener, in this \\nexample we used mycompany_MQ_ResponseQ.\\nii. Choose enabled  in the Admin State field.\\niii. Optionally add comments th at describe this handler.\\niv. In the Queue Manager field use the drop-down and choose the B2B02 Queue \\nManager object we created in the “Create an MQ Manager Object” on page 272 section of this book. \\nv. Enter the name of the Get Queue. This queue is the same name as you configured \\nin your MQ implementation, in this  example we used SUPPLY .B2B.RESPONSE.\\nvi. Use the default values for all other fields and click the Apply  button.Tip: In production deployments, you want to use a specific IP address that is \\nassociated to the Ethernet port being used for external communications. In this example, we are using two gateways on the local machine so we can use the local host IP .\\n Chapter 7. Supply Chain scenario using AS2 and EDI 289h. In the Front Side Protocol Handlers section click ( + Add ) to add the listener to the Front \\nSide Protocol list.\\nFigure 7-27   Configure MQ Front Side Handler\\ni. In the Attach Partner Profiles section, click the drop-down, select partner from the list, \\nand click the Add button to add the external partner profile.\\nj. In the Attach Partner Profiles section, click the drop-down again, select mycompany  \\nfrom the list, and click the Add button to add the internal partner profile.\\nk. Do not use Active Profile Groups, they are not needed in this example.\\n4. Configure the Archive  tab to purge documents as described in the following steps. See \\nFigure  on page 303.Tip: Do not click the  Apply button at this point. We still have some required \\nconfiguration needed to complete this profile.\\nTip: The Archive  tab is used to automatically keep the B2B document and metadata \\nstorage areas clean. There are two modes; Archive and Purge, and Purge Only. \\n 290 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutionsa. Click the Archive  tab. The Name field carries over to the Archive screen. \\nDo not change it.\\nb. In the Archive Mode field, use the drop-down and select Purge Only . We do not need \\nto Archive files in this example.\\nc. Use the defaults for all of the other fields. \\nFigure 7-28   Configure the Archive tab\\n5. The remaining tabs are not required and are not  used in this example. Click the Apply  \\nbutton at the top left to save the gateway.\\n6. Click Save Config on the top menu bar, just to the right of the Domain drop-down.\\n7.4.2  Configuring the IBM We bSphere Transformation Extender\\nAs stated in the introduction to this book, it is assumed that any WebSphere Transformation \\nExtender component that is needed has already been installed. For any scenario using WebSphere Transformation Extender, the Design Studio must be installed on a development platform in order to create the maps needed for translation. In this scenario, WebSphere Transformation Extender for Integration Servers has also been installed on the development platform, as well as on the server that is intended to host the Sterling B2B Integrator. Next:  Y ou have completed the configuration of your B2B Gateway Service, you are now \\nready to configure Sterling Integrator and WTX.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 291Setting up the Design Studio\\nDetails for setting up the Design Studio to integrate and deploy maps to Sterling B2B \\nIntegrator are discussed in detail in “Step 6: Configure WebSphere Transformation Extender” on page 145. Here we discuss the map used to translate the inbound message to the desired format for this scenario. We must also install the industry pack on the development platform and copy the library file edisvu.dll  that comes with the industry pack, compliance check maps \\nand other related files to the WebSphere Transformation Extender install folder on the server hosting Sterling B2B Integrator. See EDI Compliance Checking  documentation for details at \\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r4m0/index.jsp?topic=%2Fcom.ibm.websphere.dtx.edicc.doc%2Ftopics%2Fg_edi_compliance_check_overview.htm .\\nTranslating the message with W ebSphere Transformation Extender\\nFor this scenario, a single translation map is needed to transform the incoming EDI X12 850 \\nmessage into canonical xml form. After translation to canonical xml form, no further translation is needed, as the xml output from the transformation map is dropped by Sterling B2B Integrator onto the file system to be consumed by other processes. Transforming a canonical message to a target format is discussed in Chapter 6 of this book. The type tree representing the inbound EDI X12 850 message is a trimmed version of the type tree artifact supplied in the WebSphere Transformation Extender Industry Pack for EDI X12 (Figure 7-29).\\nThis scenario takes advantage of the built in integration in the Sterling B2B Integrator \\nDe-envelop service to execute WebSphere Transformation Extender maps. In order to take advantage of this integration, additional editing of the type tree beyond the trimming methodology discussed earlier in the document is required. The steps for customizing a type tree for integration with the Sterling B2B Integrator De-envelope service is described Pack for \\nEDI documentation that ships with the x12 industry pack and also found at this website:\\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r4m0/index.jsp?topic=%2Fcom.ibm.\\nwebsphere.dtx.packediref.doc%2Ftopics%2Fg_pkediref_Introduction.htm\\nFigure 7-29   ansi4010-850.mtt.mttTip: A platform specific version of the library f ile, edisvu, is provided in the pack for each \\nplatform supported to integrate the WebSphere Transformation Extender Pack for EDI X12.\\n 292 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsThe target format is xml. However, instead of using the native xml schema definition to \\nrepresent the output format, we chose to import the xml schema definition and generate a type tree to represent the xml. The reason that you would import a schema instead of using it it in its native form, is because sometimes there are rules related to elements in the xml that cannot be represented in a schema. Example 7-1 here shows the schema imported to create the type tree and Figure 7-30 on page 295 shows the type tree that was generated.\\nExample 7-1   XML Schema repr esentation of the purchase order\\n<?xml version=\"1.0\" encoding =\"UTF-8\"?>\\n<xs:schema  xmlns:xs =\"http://www.w3.org/2001/XMLSchema\"  \\nelementFormDefault =\"qualified\"  attributeFormDefault =\"unqualified\" >\\n<xs:element  name=\"OrderFile\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"FileHeader\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"Sender\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  ref=\"Contact\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Receiver\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  ref=\"Contact\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n  <xs:element  name=\"Order\" maxOccurs =\"unbounded\" >\\n      <xs:complexType >\\n      <xs:sequence >\\n      <xs:element  ref=\"Header\" />\\n      <xs:element  ref=\"DetailLoop\"  maxOccurs =\"unbounded\" />\\n      <xs:element  ref=\"Trailer\" />\\n     </xs:sequence >\\n     </xs:complexType >\\n      </xs:element >\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Header\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"PO_Purpose\" />\\n<xs:element  name=\"PO_Type\" />\\n<xs:element  name=\"PO_No\"/>\\n<xs:element  name=\"PO_Date\"  type=\"xs:date\" />\\n<xs:element  ref=\"SendTo\"  minOccurs =\"0\"/>\\n<xs:element  ref=\"Purchaser\"  minOccurs =\"0\"/> Chapter 7. Supply Chain scenario using AS2 and EDI 293<xs:element  ref=\"Vendor\"  minOccurs =\"0\"/>\\n<xs:element  ref=\"Consignee \" minOccurs =\"0\"/>\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"DetailLoop\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"ItemNumber\" />\\n<xs:element  name=\"Quantity\"  type=\"xs:decimal\" />\\n<xs:element  name=\"UOM\"/>\\n<xs:element  name=\"UnitPrice\"  type=\"xs:decimal\" />\\n<xs:sequence >\\n<xs:element  name=\"SubDetail\"  maxOccurs =\"10\">\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"ProductQualifier\" />\\n<xs:element  name=\"ProductDesc\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n</xs:sequence >\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Trailer\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"ItemCount\"  type=\"xs:integer\"  default=\"0\" \\nminOccurs =\"0\"/>\\n<xs:element  name=\"HashTotal\"  type=\"xs:decimal\"  default=\"0\" \\nminOccurs =\"0\"/>\\n<xs:element  name=\"AmountQualifier\"  minOccurs =\"0\"/>\\n<xs:element  name=\"Amount\"  type=\"xs:decimal\"  default=\"0\" \\nminOccurs =\"0\"/>\\n<xs:element  name=\"DebitCredit\"  minOccurs =\"0\"/>\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"SendTo\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  ref=\"Address\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Purchaser\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  ref=\"Address\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Vendor\" >\\n<xs:complexType > 294 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions<xs:sequence >\\n<xs:element  ref=\"Address\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Consignee \">\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  ref=\"Address\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Address\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"Name\"/>\\n<xs:element  name=\"Id\"/>\\n<xs:element  name=\"Street\"  minOccurs =\"0\" maxOccurs =\"2\"/>\\n<xs:element  name=\"City\" minOccurs =\"0\"/>\\n<xs:element  name=\"State\" minOccurs =\"0\"/>\\n<xs:element  name=\"ZipCode\"  minOccurs =\"0\"/>\\n<xs:element  name=\"Country\"  minOccurs =\"0\"/>\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n<xs:element  name=\"Contact\" >\\n<xs:complexType >\\n<xs:sequence >\\n<xs:element  name=\"Id\"/>\\n<xs:element  name=\"Qualifier\" />\\n</xs:sequence >\\n</xs:complexType >\\n</xs:element >\\n</xs:schema > Chapter 7. Supply Chain scenario using AS2 and EDI 295Figure 7-30   Type Tree generated by PO schema import\\nThe map used to translate the EDI X12 850 to XML is composed of one input card and two \\noutput cards: \\n/SM590000The input card is defined using the trimmed type tree shown in Figure 7-29 on page 291.\\n/SM590000The first output card is defined using the type tree shown in Figure 7-30.\\n/SM590000The second output card is defined using an unbounded string element shown in \\nFigure 7-31. This allows the map to return the xml representation of the purchase order when successful and nothing when it fails. \\n/SM590000The input card definition for the map is shown in Figure 7-32 on page 296.\\n/SM590000The first output card definition for the map is shown in Figure 7-33 on page 297.\\n/SM590000The second output card for the map is shown in Figure 7-34 on page 298.\\n/SM590000The map is shown in Figure 7-35 on page 299.Tip: The second output card is returned to the service, and the first output card is only \\nused as input to the second output card.\\n 296 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 7-31   Unbounded string element\\nFigure 7-32   Input card definition\\n Chapter 7. Supply Chain scenario using AS2 and EDI 297Figure 7-33   Output card 1 definition\\n 298 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 7-34   Output card 2 definition\\n Chapter 7. Supply Chain scenario using AS2 and EDI 299Figure 7-35   Map x12edi850toxml.mmc\\nAfter constructing the map using the map designer, you would then build and test locally. In \\norder to execute this map from the Sterling B2B Integrator de-envelope service, the map settings would need to be modified as described in the Pack for EDI  documentation that ships \\nwith the x12 industry pack:\\nhttp://publib.boulder.ibm.com/infocenter/wtxdoc/v8r4m0/index.jsp?topic=%2Fcom.ibm.\\nwebsphere.dtx.packediref.doc%2Ftopics%2Fg_pkediref_Introduction.htm\\nIf the local build and test is successful, you would test on the Sterling B2B integrator using the \\nprocedure defined in Chapter 4, “Routing and transforming messages” on page 69. After this test is successful, you would then deploy the map to Sterling B2B Integrator using the method also described in Chapter 4. After the map is successfully deployed, it can be used in a business process.\\nThis chapter also makes use of the X12 compliance map system that ships with the industry \\npack. In order for the compliance map to execute properly it must be deployed to the server that hosts the Sterling B2B Integrator on the file system to a location that the Sterling B2B \\nIntegrator can access. deploying compliance check maps that ship with industry packs to be executed from Sterling B2B Integrator is described in the documentation that ships with the industry pack. For the scenario discussed in this chapter, this was done by extracting the file SC_Artifacts1.zip , referenced in 7.4, “Configuring the scenario” on page 265, so that the \\nstructure C:\\\\WTXMap  and its contents are created on the server. The compliance map is called \\nccx12.mmc and ships with 9 input cards and 12 output cards. \\n 300 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsThe compliance map is called as an external map, instead of from the Sterling B2B Integrator \\nmap repository. This means that it is execut ed from its location on the file system. The \\nbusiness process passes the EDI X12 850 data to the first input card. The other 8 input cards are used to grab the configuration data needed to run the compliance check.\\nFigure 7-36 shows the compliance map. An example of the 997 generated is shown in \\nExample 7-2.\\nFigure 7-36   Compliance Map ccx12.mmc\\nExample 7-2   997 generated by compliance\\nISA*00*          *00*          *ZZ*MYCOMPANY *ZZ*YOUR COMPANY \\n*111118*1205*U*00401*000000001*0*T*:GS*FA*MYCOMPANY*YOUR COMPANY*20111118*120523*1*X*004010ST*997*0001AK1*MY*35AK2*225*0001*005010AK5*R*5AK9*R*1*1*0SE*6*0001GE*1*1IEA*1*000000001\\n Chapter 7. Supply Chain scenario using AS2 and EDI 3017.4.3  Configuring IBM Sterling B2B Integrator\\nAfter the configuration is complete for WebSphere Transformation Extender, we must now \\nconfigure Sterling B2B Integrator to accept the inbound message and call the components deployed in the previous section.\\nThe process flow in Sterling B2B Integrator is to collect the message from the WebSphere \\nMQ queue, and then write that file to a the file system to preserve it. Then, another service in Sterling B2B Integrator, operating on a schedule, collects the file and initiates the de-enveloping of the message. As part of the de-enveloping, we do a compliance check of the EDI 850 file using WebSphere Transformation Extender, and then transform the message into a format for our backend application to process, again using WebSphere Transformation Extender. During the transformation, we also prepare an acknowledgement, which is an EDI 997, and then place that acknowledgement onto another WebSphere MQ queue for the appliance to return to the trading partner.\\nTo implement this portion of the scenario, we need to create the following items:\\n/SM590000A Business Process to collect the message from the WebSphere MQ queue and place it \\non the file system.\\n/SM590000File System Adapter configuration and schedule to collect the file and initiate the \\nde-enveloping.\\n/SM590000Envelopes for the inbound EDI 850 file:\\n– ISA-IEA\\n–G S - G E–S T - S E\\n/SM590000Envelopes for the outbound acknowledgement (EDI 997):\\n– ISA-IEA\\n–G S - G E–S T - S E\\n/SM590000A Business Process to send the acknowledgement (EDI 997) to WebSphere MQ queue for \\nthe return to the trading partner.\\nBusiness Process to collect the message from WebSphere MQ queue\\nThe first step is to configure a business process in Sterling B2B Integrator to collect the \\nmessage from the WebSphere MQ queue, and then to write this file out to a location on the file system to preserve it for the next step.\\nExample 7-3 is the BPML that we can use for the business process in this scenario.\\nExample 7-3   BPML for the ITSOSuppl ychain_GetMQ_FSExtract business process\\n<process name = \"ITSOSupplychain_GetMQ_FSExtract\"> \\n  <rule name=\"DocumentExists\">    <condition>string-length(PrimaryDocument/@SCIObjectID) &gt; 0</condition>  </rule>\\n  <sequence>\\n    <sequence name=\"Sequence Start\">      <operation name=\"WebSphereMQ Suite Open Session\">        <participant name=\"WSMQ_OpenSession\"/>        <output message=\"WSMQOpenSessionInputMessage\">          <assign to=\".\" from=\"*\"></assign>          <assign to=\"wsmq_channel\">B2B.SUPPLYCHAIN.DP</assign> 302 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions          <assign to=\"wsmq_debug\">No</assign>\\n          <assign to=\"wsmq_errorOnMQException\">Yes</assign>          <assign to=\"wsmq_hostname\">9.42.170.226</assign>          <assign to=\"wsmq_port\">1414</assign>          <assign to=\"wsmq_qmanager\">B2B02</assign>        </output>        <input message=\"inmsg\">          <assign to=\".\" from=\"*\"></assign>        </input>      </operation>\\n      <operation name=\"WebSphereMQ Suite Open Queue\">\\n        <participant name=\"WSMQ_OpenQueue\"/>        <output message=\"WSMQOpenQueueInputMessage\">          <assign to=\".\" from=\"*\"></assign>          <assign to=\"wsmq_errorOnMQException\">Yes</assign>          <assign to=\"wsmq_MQOO_type\">GET</assign>          <assign to=\"wsmq_qname\">SUPPLY.B2B.REQUEST</assign>        </output>        <input message=\"inmsg\">          <assign to=\".\" from=\"*\"></assign>        </input>      </operation>\\n      <operation name=\"WebSphereMQ Suite Get Message\">\\n        <participant name=\"WSMQ_GetMessage\"/>        <output message=\"WSMQGetMessageInputMessage\">          <assign to=\".\" from=\"*\"></assign>          <assign to=\"wsmq_docTracking\">Yes</assign>          <assign to=\"wsmq_errorOnMQException\">Yes</assign>          <assign to=\"wsmq_qname\">SUPPLY.B2B.REQUEST</assign>          <assign to=\"wsmq_type\">GETONE</assign>        </output>        <input message=\"inmsg\">          <assign to=\".\" from=\"*\"></assign>        </input>      </operation>\\n      <operation name=\"WebSphereMQ Suite Commit\">\\n        <participant name=\"WSMQ_Commit\"/>        <output message=\"WSMQCommitInputMessage\">          <assign to=\".\" from=\"*\"></assign>        </output>        <input message=\"inmsg\">          <assign to=\".\" from=\"*\"></assign>        </input>      </operation>\\n      <operation name=\"WebSphereMQ Suite Close Queue\">\\n        <participant name=\"WSMQ_CloseQueue\"/>        <output message=\"WSMQCloseQueueInputMessage\">          <assign to=\".\" from=\"*\"></assign>          <assign to=\"wsmq_qname\">SUPPLY.B2B.REQUEST</assign>        </output>        <input message=\"inmsg\"> Chapter 7. Supply Chain scenario using AS2 and EDI 303          <assign to=\".\" from=\"*\"></assign>\\n        </input>      </operation>\\n      <operation name=\"WebSphereMQ Suite Close Session\">\\n        <participant name=\"WSMQ_CloseSession\"/>        <output message=\"WSMQCloseSessionInputMessage\">          <assign to=\".\" from=\"*\"></assign>        </output>        <input message=\"inmsg\">          <assign to=\".\" from=\"*\"></assign>        </input>      </operation>\\n    </sequence>\\n    <choice>      <select>        <case ref=\"DocumentExists\" activity=\"Sequence Start\"/>        <case ref=\"DocumentExists\" negative=\"true\" activity=\"\"/>      </select>\\n      <sequence name=\"Sequence Start\">\\n        <operation name=\"File System Adapter\">          <participant name=\"ITSORetail_MQ_FSA\"/>          <output message=\"FileSystemInputMessage\">            <assign to=\".\" from=\"*\"></assign>            <assign to=\"Action\">FS_EXTRACT</assign>            <assign to=\"appendOnExtract\">false</assign>            <assign to=\"concatenateFiles\">false</assign>          </output>          <input message=\"inmsg\">            <assign to=\".\" from=\"*\"></assign>          </input>        </operation>\\n      </sequence>\\n      <sequence>        <assign to=\"false\" from=\"true\"></assign>      </sequence>    </choice>  </sequence></process>\\nNote that this business process is using a File System Adapter to extract the file to the file \\nsystem, which need to be created. It also uses a Rule to check for the existence of a document, which corresponds to the message received from the WebSphere MQ queue. If that document does not exist, the process simply ends without attempting to write the file out.\\nFile System Adapter co nfiguration and schedule\\nIn order to collect the file being written out in the previous step, and to begin the \\nde-enveloping process, we must create a File System Adapter configuration that is set to:\\n/SM590000Collect the file.\\n/SM590000Run on a schedule.\\n/SM590000Initiate (bootstrap) the proper business process. 304 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 7-37 is the File System Adapter used in this scenario.\\nFigure 7-37   ITSOSupplychain_Collect_FSA configuration\\nNote that we are going to “bootstrap” the process EDIInboundBootstrap, which initiates the \\nde-enveloping of the message. It uses the EDIDeenvelope service to call the X12DeenvelopeUnified business process to de-envelope the message, create the acknowledgement, and then write the transformed message out to the file system for the ‘backend’ application.\\nThis File System Adapter is set to run on a 1-minute schedule, which ensures that any files \\nplaced in the collection folder are collected and processed almost immediately.\\n Chapter 7. Supply Chain scenario using AS2 and EDI 305Envelopes for the inbound EDI 850 file\\nFor the message being collected, we need to configure standard X12 inbound envelopes for \\nthe EDI 850 type.\\nWe need to create an envelope at each of the three standard levels:\\n/SM590000ISA-IEA\\n/SM590000GS-GE\\n/SM590000ST -SE\\nWhen creating the envelopes, there are several items we need to take into account:\\n/SM590000In order to use WebSphere Transformation Extender to check the compliance of the \\nmessage, we need to specify “Y es” to “Use WTX compliance checking” in the ISA-IEA envelope.\\n/SM590000We need to ensure that we select “Y es” to “Generate an Acknowledgement when this \\ngroup is received” in the GS-GE level envelope. In addition, we must also specify the format of the acknowledgement to create, in this case, an EDI 997. We also need to set “Translate and/or Compliance Check Document” to “Yes”. \\n/SM590000In the ST-SE level, we must specify the map to be used to transform the data. In this case, \\nwe select a WebSphere Transformation Extender map, named ‘x12edi850toxml’, that was checked into Sterling B2B Integrator. We also set “Translate and/or Compliance Check Document” to “Yes”.\\n/SM590000Also in the ST-SE level, be sure to select the option “Extract to a file system directory” for \\nthe “Extraction Options,” and specify the location on the file system where the backend application can collect the file.\\nEnvelopes for the outbound acknowledgement (EDI 997)\\nSimilar to the previous situation, we must also create envelopes at each standard level for the \\nEDI 997 that is prepared as part of the de-enveloping of the message.\\nThe following three envelopes must be created:\\n/SM590000ISA-ISE\\n/SM590000GS-GE\\n/SM590000ST -SE\\nFor each of these envelopes, we need to specify that each is for Outbound X12. In the \\nISA-IEA level, we specify the business process to run to output this acknowledgement to the WebSphere MQ queue for return to the trading partner. The business process itself is described in the next section. 306 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsBusiness Process to send acknowl edgement to WebSphere MQ queue\\nFinally, we must create the business process to be called by the X12EnvelopeUnified process \\nthat is initiated when the acknowledgement is created and enveloped. This business process is used to send the acknowledgement, in this case, an EDI 997, back by the WebSphere MQ queue to the appliance, for eventual transmission back to the trading partner.\\nExample 7-4 is the BPML of the this process. Note that this process is quite simple, taking the \\nEDI 997 message and putting it to the WebSphere MQ queue.\\nExample 7-4   BPML of the ITSOSupplyChain_Put_MQ process\\n<process name = \"ITSOSupplychain_Put_MQ\">   <sequence name=\"Sequence Start\">    <operation name=\"WebSphereMQ Suite Open Session\">      <participant name=\"WSMQ_OpenSession\"/>      <output message=\"WSMQOpenSessionInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"wsmq_channel\">B2B.SUPPLYCHAIN.DP</assign>        <assign to=\"wsmq_debug\">No</assign>        <assign to=\"wsmq_errorOnMQException\">Yes</assign>        <assign to=\"wsmq_hostname\">9.42.170.226</assign>        <assign to=\"wsmq_port\">1414</assign>        <assign to=\"wsmq_qmanager\">B2B02</assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WebSphereMQ Suite Open Queue\">\\n      <participant name=\"WSMQ_OpenQueue\"/>      <output message=\"WSMQOpenQueueInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"wsmq_errorOnMQException\">Yes</assign>        <assign to=\"wsmq_MQOO_type\">PUT</assign>        <assign to=\"wsmq_qname\">SUPPLY.B2B.RESPONSE</assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WebSphereMQ Suite Put Message\">\\n      <participant name=\"WSMQ_PutMessage\"/>      <output message=\"WSMQPutMessageInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"wsmq_docTracking\">Yes</assign>        <assign to=\"wsmq_errorOnMQException\">Yes</assign>        <assign to=\"wsmq_qname\">SUPPLY.B2B.RESPONSE</assign>        <assign to=\"wsmq_send_retryCount\">10</assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation> Chapter 7. Supply Chain scenario using AS2 and EDI 307    <operation name=\"WebSphereMQ Suite Commit\">\\n      <participant name=\"WSMQ_Commit\"/>      <output message=\"WSMQCommitInputMessage\">        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WebSphereMQ Suite Close Queue\">\\n      <participant name=\"WSMQ_CloseQueue\"/>      <output message=\"WSMQCloseQueueInputMessage\">        <assign to=\".\" from=\"*\"></assign>        <assign to=\"wsmq_qname\">SUPPLY.B2B.RESPONSE</assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n    <operation name=\"WebSphereMQ Suite Close Session\">\\n      <participant name=\"WSMQ_CloseSession\"/>      <output message=\"WSMQCloseSessionInputMessage\">        <assign to=\".\" from=\"*\"></assign>      </output>      <input message=\"inmsg\">        <assign to=\".\" from=\"*\"></assign>      </input>    </operation>\\n  </sequence>\\n</process>\\nThis process is set to handle only a single message, and would be called to output this \\nacknowledgement each time one is created by the X12EnvelopeUnified process.\\n7.5  Testing the scenario\\nIn this section, we are testing the end-to-end flow through our configuration of the four IBM \\nproducts used in this scenario (DataPower XB62, WebSphere MQ, Sterling Integrator, and \\nWTX). As depicted in the scenario overview in Figure 7-1 on page 264, we consume an AS2 message containing an EDI-X12 purchase order (850) from the external trading partner and \\nreturn an EDI-X12 functional acknowledgment (997) that is wrapped in an AS2 message envelope. \\nIn the Partner\\'s B2B Gateway, we are using a simulated backend, which communicates over \\nan http connection.   For the purpose of this scenario, we start the transfer from the external partner’s backend and send the 850 over the partner’s http integration point using an HTTP Utility. You can use any utility you are comfortable with, in this test we are using a tool called \\nNetTool. 308 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions7.5.1  Inbound flow\\nFollow these steps:\\n1. Locate the x12_4010_850.in  file the location where you unzipped \\nSCS_DataPowerArtifacts.zip  to, use your HTTP utility to post it to the partner’s http Front \\nSide Handler, in this example we used the IP of our XB62 and a port of 31002. Figure 7-38 depicts what the post looks lik e when using the NetTool utility.\\nFigure 7-38   NetTool post of sample EDI PO\\n2. The Partner\\'s B2B gateway parses the RAW EDI 850 file, recognizes that it is X12, and \\nextracts the Sender and Receiver information from the file. Figure 7-39 shows where the sender (ZZYOUR COMPANY) and receiver (ZZMYCOMPANY) information is located in the EDI 850 file. \\nFigure 7-39   EDI 850 from PartnerISA*00*          *00*          *ZZ*YOUR COMPANY   *ZZ*MYCOMPANY      *100227*0545*U*00401*000008160*0*P*>GS*PO*YOUR COMPANY*MYCOMPANY*20100227*0545*2775*X*004010ST*850*0000002BEG*00*SA*051598**20100225N1*ST*THE DEF CO.*ZZ*EEN3*1234 MAIN ST.N3*SUITE XYZN4*ANYTOWN*MA*55555\\n Chapter 7. Supply Chain scenario using AS2 and EDI 3093. Based on the destination configuration in the mycompany external profile in the Partner’s \\nB2B Gateway, the file is packaged in AS2 and sent to your B2B Gateway.\\n4. Y our B2B Gateway receives the AS2 message at the AS2 Front-side Handler and extracts \\nthe Sender and Receiver information from the AS2 headers. Figure 7-40 shows where the AS2-From (ZZYOUR COMPANY) and AS2-To: (ZZMYCOMPANY) information is located.\\nFigure 7-40   Sample AS2 header\\n5. Y our B2B Gateway Service unpackages the AS2 Envelope, looks up the partner \\ninformation, and verifies that the partners exist and are allowed to trade EDI documents. It \\nlooks at the Destination that is configured for the receiving profile and delivers the EDI 850 \\nfile to the backside. In this example, our backside is a WebSphere MQ queue that is being monitored by Sterling Integrator.\\n6. After the EDI 850 is successfully delivered to MQ, your B2B Gateway sends an AS2 MDN \\nto the Partner informing them that the transaction was successfully received.POST / HTTP/1.1\\nHost: 127.0.0.1:31020Cookie: Via: 1.1 AwAAADEAAAA-X-CLIENT-IP: 9.76.194.232Date: Fri, 16 Dec 2011 07:28:40 GMTAS2-From: \"ZZYOUR COMPANY\"AS2-To: ZZMYCOMPANYAS2-Version: 1.1Message-ID: <a9bdb845-c147-41c3-ab0f-a8415f4d9222@9.70.153.61>Subject: ZZMYCOMPANY;ZZYOUR COMPANYDisposition-Notification-To: ignored@example.comDisposition-Notification-Options: signed-receipt-protocol=optional, pkcs7-signature; signed-receipt-micalg=optional, sha1,md5Recipient-Address: as2://127.0.0.1:31020Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name=\"smime.p7m\"Content-Disposition: attachment; filename=\"smime.p7m\"Connection: Keep-AliveContent-Length: 14221\\n0‚7‰*†H†÷\\n  ‚7z0‚7v\\nInbound flow:  This completes the Inbound flow from a DataPower perspective. Behind the \\nscenes, Sterling Integrator is picking up the f ile and running it through a business process \\nflow that uses WTX to validate the EDI, generate a 997, and transform it to an XML file. Sterling Integrator will then  pass the EDI 997 into an MQ queue that the XB62 is \\nmonitoring. 310 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions7.5.2  Outbound flow\\nThe EDI 997 is retrieved from the MQ Queue and parsed for sender and receiver ID \\ninformation:\\n1. Y our B2B gateway retrieves the EDI 997 from the MQ queue and parses the file, \\nrecognizes that it is X12, and extracts the Sender and Receiver information from the file. The EDI 997 will have a sender of ZZ MYCOMPANY and a receiver of ZZYOUR \\nCOMPANY (Figure 7-39).\\n2. Based on the destination configuration in the partner’s external profile in the Partner’s B2B \\nGateway, the file is packaged in AS2 and sent to the partner’s B2B Gateway.\\n3. The partner’s B2B Gateway receives the AS2 message at the AS2 Front-side Handler and \\nextracts the Sender and Receiver information from the AS2 headers. \\n4. The partner’s B2B Gateway Service unpackages the AS2 Envelope, looks up the partner \\ninformation, and verifies that the profiles exist and are allowed to trade EDI documents. It looks at the Destination that is configured for the receiving profile and delivers the EDI 997 file to the back-side. In this example, our back-side for the partner is an HTTP location that throws away the file.\\n5. After the EDI 997 is successfully delivered to the http location, the partner’s B2B Gateway \\nsends an AS2 MDN to your B2B Gateway informing you that the transaction was successfully received.\\nOutbound flow:  This completes the outbound flow portion of the scenario. Chapter 7. Supply Chain scenario using AS2 and EDI 3117.5.3  Viewing the test results\\nFollow these steps to see the test results:\\n1. Next we view the transaction in the XB62 \\'s B2B Transaction Viewer; Click on Control \\nPanel and then on B2B Transaction Viewer. \\n2. In the B2B Viewer, click Show AS Only . If the configuration is done correctly, you should \\nsee results similar to Figure 7-41. This figure splits the viewer horizontally for the purpose of this book. Note that transaction 130 was received at your ID (ZZMYCOMPANY), this is the EDI 850, transaction 131 is sent by your ID (ZZMYCOMPANY) and is the outbound EDI 997. The result code is success, meaning that both the inbound and outbound flows were successfully completed.\\nFigure 7-41   B2B Viewer - split view\\n 312 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions7.6  Conclusion\\nNow that you have completed this chapter, you should have a good understanding of how IBM \\nWebSphere DataPower B2B Appliances complement the Sterling Integrator product. Y ou can see how they sit at the edge of the network to provide B2B security and governance acting as a secure gateway protecting downstream syst ems sitting in the protected network zone. \\nWe only demonstrated the B2B c apabilities of the device in this example. However, the \\nWebSphere DataPower B2B Appliance XB62 is a functional super-set of the Security and Integration appliances that came before it. Many of the other services in the device can be used in conjunction with the B2B services to provide very robust and reliable secure options for connecting to your external trading partners. This chapter also provided you with a good understanding of how the Sterlin g Integrator product can proces s and transform data utilizing \\nits ability to integrate with WTX for EDI validation and transformation. \\nIt is important to note that all of the products used in this scenario are very flexible and can be \\nused in many different ways to accomplish similar if not the same functions demonstrated in this example. The scenario chosen in this example is only one way to integrate these products together. Its intent is meant to illustrate the value of using these products together to \\nprovide a more complete and efficient solution for handling your supply chain connectivity needs. © Copyright IBM Corp. 2012. All rights reserved. 313Chapter 8. IBM Sterling B2B Cloud Service \\nscenarios\\nThis chapter shows two trading scenarios using IBM Sterling File Transfer Service and IBM \\nSterling B2B Collaboration Network to connect to trading partners. We also describe IBM Sterling Web Forms to enable Non-EDI trading partners.\\nThis chapter includes the following sections:\\n/SM5900008.1, “File-based B2B cloud scenario” on page 314\\n/SM5900008.2, “EDI-based B2B cloud scenario” on page 3248 314 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions8.1  File-based B2B cloud scenario\\nWe start this chapter with a file-based B2B cloud scenario.\\n8.1.1  Business value\\nITSORetailCloud is a company which uses FTP and FTP/S with 500 customers for \\npoint-to-point file exchange. There is no special handling required with these files; the backend systems consume or generate the payloads that are exchanged.\\nThe company has a corporate-wide strategy to standardize in all areas possible to reduce the \\ncomplexity of their environment, reduce redundancy and to eliminate one-off solutions. They have decided to standardize the file transfer protocol on FTP/S.\\nThrough surveying their customer community, they identified the following facts:\\n/SM590000100 of the 500 customers online today need to be migrated to FTP/S and 50 of them do \\nnot migrate.\\n/SM590000There are 1,000 additional customers and supply chain partners with which they want to \\nestablish point-to-point connectivity. Also, 500 of the 1,000 customers are using FTP , 300 customers are using FTP/S, and 200 customers are using S/FTP .\\n/SM590000They have no expertise in S/FTP and do not wa nt to hire, contract, or establish the skills \\nin-house.\\n/SM590000Their IT staff do not have the time to handle the ongoing support needs of the additional \\n1,000 customers.\\n/SM590000There is not sufficient file tran sfer visibility in their existing  environment to support all the \\nprotocols.\\nTheir IT decides to recommend that the file transfer expansion project be outsourced due to \\ncompliance issues, staffing requirements, partner onboarding, community management and visibility. The business areas agree to fund the project. They are looking for the following \\nbusiness benefits:\\n/SM590000Reduced IT infrastructure and operational costs\\n/SM590000Reduced B2B file transfer complexity\\n/SM590000A highly scalable platform to grow their business\\n/SM590000Centralized monitoring and management\\n/SM590000Skilled personnel to manage their B2B file transfer environment\\n8.1.2  Presenting the scenario\\nIn this scenario, we onboard ITSORetailCloud to use IBM Sterlin g File Transfer Service. We \\nalso onboard all of its existing and additional trading partners to use IBM Sterling File Transfer Service.\\nWe establish one discreet FTP/S connection to bring ITSORetailCloud up to IBM Sterling File \\nTransfer Service. Each of its trading partners also have one discreet connection to IBM Sterling File Transfer Servic e using FTP , FTP/S, or S/FTP .  Chapter 8. IBM Sterling B2B Cloud Service scenarios 315Figure 8-1 shows the connectivity choice of this scenario in a high-level perspective.\\nFigure 8-1   Scenario overview\\n8.1.3  Configuring the scenario\\nAfter depicting at a high level the connectivity choice of the scenario that we implement, we \\nexplain in detail how to onboard the customer and all of its trading partners. \\nOnboarding  is the name of the process during which IBM sets up customer and its trading \\npartners to access File Transfer Service. The customer and its trading partners receive help from IBM in getting started with File Transfer Service. The following list is the general sequence of steps in the onboarding process:\\n1. IBM sends a Welcome Letter and questionnaire to the customer’s contact person for File \\nTransfer Service.\\n2. The customer returns the completed questionnaire to IBM.\\n3. IBM grants the customer access to File Transfer Service.4. The customer tests the connection to File Transfer Service, working with IBM as \\nnecessary.\\n5. IBM onboards the customer’s trading partners. For each trading partner, here are the \\ngeneral sequence of steps in the onboarding process:\\na. IBM sends an invitation to contact the trading partner to get set up with File Transfer \\nService. The trading partner might need to provide communications information for setting up the File Transfer Service connection, if the customer has already not given this information to IBM.\\n 316 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutionsb. The trading partner tests the connection to File Transfer Service.\\nc. After the trading partner is successfully onboarded, IBM sends the trading partner \\ninformation about how to contact IBM customer support for assistance in the future.\\n6. After the trading partners are onboarded, IBM sends the customer information about how \\nto contact IBM customer support, which has a world-wide staff providing support 24 hours per day, 365 days per year.\\nOnboarding the FTP/S customer\\nThe customer uses their FTP client software that supports SSL encryption to access File \\nTransfer Service. They complete an FTP/S se rvice questionnaire that collects the following \\ninformation:\\n/SM590000Company name and contact information\\n/SM590000FTP/S service details such as FTP transfer mode and type of data to be transferred\\n/SM590000Access method such as by Internet or VPN connection\\nAfter IBM configures the customer’s account using information collected on the questionnaire, \\nIBM provides the customer with a URL and a user ID and password to connect to the File Transfer Service. The customer works together with IBM to test the connection to File Transfer Service and waits for the IBM specialists to onboard the customer’s trading partners and implement the routing logic of the files to be transferred.\\nOnboarding the FTP partner\\nEach of the customer’s FTP partners uses their FTP client or server software to access File Transfer Service. They complete an FTP service questionnaire that collects the following information:\\n/SM590000Company name and contact information\\n/SM590000FTP service details, such as FTP transfer mode and type of data to be transferred\\n/SM590000Access method, such as by Internet or VPN connection\\n/SM590000Delivery method, which defines who initiates the FTP connection\\nAfter IBM configures the trading partner’s account using information collected on the \\nquestionnaire, IBM provides the trading partner with a URL, as well as a user ID and password, to connect to the File Transfer Service. The trading partner then works together \\nwith IBM to test the connection to File Transfer Service.\\nOnboarding the FTP/S partner\\nEach of the customer’s FTP/S partners uses their FTP client software that supports SSL \\nencryption to access File Transfer Service. They complete a FTP/S service questionnaire that collects the following information:\\n/SM590000Company name and contact information\\n/SM590000FTP/S service details, such as FTP transfer mode and type of data to be transferred\\n/SM590000Access method, such as by Internet or VPN connection\\nAfter IBM configures the trading partner’s account using information collected on the \\nquestionnaire, IBM provides the trading partner with a URL, as well as a user ID and password, to connect to the File Transfer Service. The trading partner then works together with IBM to test the connection to File Transfer Service. Chapter 8. IBM Sterling B2B Cloud Service scenarios 317Onboarding the S/FTP partner\\nEach of the customer’s S/FTP partner uses their S/FTP client software to access File Transfer \\nService and they complete an S/FTP servic e questionnaire which collects the following \\ninformation:\\n/SM590000Company name and contact information\\n/SM590000S/FTP service details such as S/FTP client software, authentication method and type of \\ndata to be transferred\\n/SM590000Access method such as by Internet or VPN connection\\nAfter IBM configures the trading partner’s account using information collected on the \\nquestionnaire, IBM provides the trading partner with a URL and a user ID and password to connect to the File Transfer Service. The trading partner then works together with IBM to test the connection to File Transfer Service.\\n8.1.4  Testing the scenario\\nFor our testing, the customer us es FileZilla to connect to File  Transfer Service over FTP/S \\nprotocol to send data to trading partners. All the trading partners  also use FileZilla to connect \\nto File Transfer Service over FTP , FTP/S, or S/FTP protocol to receive data from the customer. \\nSending data to the FTP partner\\nFollow these steps to send a file to an FTP partner:\\n1. The customer connects to File Transfer  Service using FileZilla. See Figure 8-2.\\nFigure 8-2   Connection parameters\\n 318 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions2. The Customer drags the file to the COMMIT folder to upload the file (Figure 8-3). In our \\nscenario, File Transfer Service is configured to route files based on their names.\\nFigure 8-3   Uploading file using FileZilla\\n3. The FTP partner connects to File Trans fer Service using FileZilla. See Figure 8-4.\\nFigure 8-4   Uploading file using FileZilla\\n Chapter 8. IBM Sterling B2B Cloud Service scenarios 3194. The FTP partner drags the file from the RECEIVE folder to download the file. See \\nFigure 8-5.\\nFigure 8-5   Downloading file using FileZilla\\nSending data to the FTP/S partner\\nFollow these steps to send a file to an FTP/S partner:\\n1. The customer connects to File Transfer Serv ice using FileZilla and drags the file to the \\nCOMMIT folder to upload  the file. See Figure 8-6.\\nFigure 8-6   Uploading file using FileZilla\\n 320 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions2. The FTP/S partner connects to File Tran sfer Service using FileZilla. See Figure 8-7.\\nFigure 8-7   Connection parameters\\n3. The FTP/S partner drags the file from the RECEIVE folder to download the file. See \\nFigure 8-8.\\nFigure 8-8   Downloading file using FileZilla\\n Chapter 8. IBM Sterling B2B Cloud Service scenarios 321Sending data to the S/FTP partner\\nUse the following steps to send a file to an S/FTP partner:\\n1. The customer connects to File Transfer Serv ice using FileZilla and drags the file to the \\nCOMMIT folder to upload  the file. See Figure 8-9.\\nFigure 8-9   Uploading file using FileZilla\\n2. The S/FTP partner connects to File Transf er Service using FileZilla. See Figure 8-10.\\nFigure 8-10   Connection parameters\\n 322 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions3. The S/FTP partner drags the file from the RECEIVE folder to download the file. See \\nFigure 8-11.\\nFigure 8-11   Downloading file using FileZilla\\nInFlight docum ent tracking\\nIBM Sterling InFlight Data Mana gement is a visibility tool presenting a web interface for \\ntracking documents and generating reports. It tracks data associated with several services in IBM Sterling B2B Collaboration Network.\\nIn our scenario, the customer uses Inflight to track all of the documents sent to trading \\npartners (Figure 8-12) and the overall status of each document (Figure 8-13).\\nFigure 8-12   Most recent documents\\n Chapter 8. IBM Sterling B2B Cloud Service scenarios 323.\\nFigure 8-13   Document details\\n8.1.5  Conclusion\\nThis scenario demonstrates how to onboard and use IBM Sterling File Transfer Service to \\ntransfer Non-EDI files with trading partners. The onboard process is quick and simple. All the customer needs to do is to provide connection information and configure its client software to connect to the cloud service. IBM takes care of the configuration for both the customer and its trading partners. The file to be transferred can be larger than one gigabyte. A wide range of transfer protocols is supported, including FTP(S), SFTP , OFTP2, AS2, and Connect:Direct. And as a centralized visibility tool, IBM St erling InFlight Data Management helps the \\ncustomer to keep track of their files.\\n 324 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions8.2  EDI-based B2B cloud scenario\\nThe second scenario that we cover in this chapter is the EDI-based B2B cloud scenario.\\n8.2.1  Business value\\nITSOSupplyChainCloud is a company in which 50% of its suppliers do not have the capability \\nto handle EDI transactions. They are still using ph one, fax, e-mail, and the postal service to \\nreceive purchase orders (POs), and to send advance ship notices (ASNs) and invoices.\\nThe company conducted a study and revealed that the average cost of processing a paper \\ndocument is $10, regardless of volume per partner. In order to maximize ROI of their investment, they must either automate more documents or more partners. They have done all they can to compel suppliers to use EDI, but these remaining suppliers have their own business reasons for not operating their own EDI systems.\\nThrough surveying their Non-EDI suppliers, they find that half  of them are willing to use a \\nweb-enabled method, if sponsored by their customer, to receive POs and send ASNs and invoices.\\nThe business areas agree to fund this initiative to deploy IBM Sterling Web Forms. They are \\nlooking for the following business benefits:\\n/SM590000Faster turnaround on important business documents (POs, order acknowledgements, \\nASNs, invoices, and so on.)\\n/SM590000More accurate data sent and received, no re-keying, fewer errors, less rework\\n/SM590000Reduced labor, transaction, and operations costs\\n/SM590000Improved efficiencies throughout their supply chain\\n/SM590000Improved internal business processes\\n8.2.2  Presenting the scenario\\nIn this scenario, we onboard ITSOSupplyChainCloud to use IBM Sterling B2B Collaboration \\nNetwork, and its EDI trading partners are onboarded on the other side. We also onboard Non-EDI trading partners of ITSOSupplyChainCloud to use IBM Sterling Web Forms.\\nWe establish one discreet AS2 connection to bring ITSOSupplyChainCloud up to IBM \\nSterling B2B Collaboration Network. Each of its EDI trading partners also have one discreet AS2 connection to IBM Sterling B2B Collaboration Network. Each of its Non-EDI trading partners uses a web browser to access IBM Sterling Web Forms to exchange business documents electronically over the Internet with the customer. Chapter 8. IBM Sterling B2B Cloud Service scenarios 325Figure 8-14 shows the connectivity choice of this scenario in a high-level perspective.\\nFigure 8-14   Scenario overview\\n8.2.3  Configuring the scenario\\nAfter depicting at a high level the connectivity choice of the scenario, we explain in detail the \\nonboard process of both Sterling B2B Collaboration Network and Web Forms.\\nOnboarding of IBM Sterling B2B Collaboration Network\\nOnboarding the customer and EDI trading partners in this scenario to use Sterling B2B \\nCollaboration Network is almost the same as the onboarding process of IBM Sterling File Transfer Service in the first scenario of the ch apter. However, the two cloud services use \\nseparate connections.\\nThe customer and EDI trading partners use their AS2 client software to connect to Sterling \\nB2B Collaboration Network. They complete an  AS2 service questionnaire that collects the \\nfollowing information:\\n/SM590000Company name and contact information\\n/SM590000AS2 service details such as AS2 client software, AS2 identifier, AS2 certificate and AS2 \\nendpoint address\\n/SM590000Access method such as by Internet or VPN connection\\nAfter IBM configures their accounts using information collected on the questionnaire, IBM \\nprovides them with an AS2 identifier, an AS2 certificate and an AS2 endpoint address of Sterling B2B Collaboration Network that they enter into their AS2 client software to connect to the cloud service. IBM also provides them with accounts of the visibility tool, which is called \\nIBM Sterling Document Tracking. They then work together with IBM to test the connection.\\n 326 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsOnboarding of IBM Sterling Web Forms\\nSterling Web Forms uses automated online registration to enable faster partner onboarding. \\nThe customer sponsors a Sterling Web Forms community and sends a community password to its Non-EDI trading partners so that they can register to join the community. See Figure 8-15.\\nFigure 8-15   Web Forms registration\\n8.2.4  Testing the scenario\\nFor our testing, the customer and EDI partners use IBM Sterling B2B Integrator to connect to Sterling B2B Collaboration Network over AS2 protocol to send and receive EDI document. Non-EDI partners use a web browser to access IBM Sterling Web Forms site to receive electronic document translated from EDI.\\nSending data to an EDI partner\\nFollow these steps:\\n1. The customer puts the EDI document into the outbound folder on its file system. The \\nSterling B2B Integrator automatically picks up the document and sends it to Sterling B2B Collaboration Network. See Figure 8-16.\\n Chapter 8. IBM Sterling B2B Cloud Service scenarios 327Figure 8-16   Outbound folder of customer\\n2. The customer uses the dashboard of IBM Sterling B2B Integrator to track the business \\nprocess that sends the EDI document to Sterling B2B Collaboration Network (Figure 8-17) and Message Disposition Notification (MDN) sent back from the Sterling B2B Collaboration Network (Figure 8-18).\\nFigure 8-17   AS2SendSyncMDN business process\\n 328 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsFigure 8-18   MDN receipt\\n3. The EDI partner receives the document with Sterling B2B Integrator and it is extracted into \\nthe inbound folder on EDI partner’s file system. See Figure 8-19.\\nFigure 8-19   nbound folder of EDI partner\\n Chapter 8. IBM Sterling B2B Cloud Service scenarios 3294. The customer uses IBM Sterling Document Tracking to track the EDI document in the \\noutbox of its mailslot (Figure 8-20). The EDI partner also uses IBM Sterling Document Tracking to track the EDI document in the inbox of its mailslot (Figure 8-21).\\nFigure 8-20   Outbox view of customer’s mailslot\\nFigure 8-21   Inbox view of partner’s mailslot\\n 330 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsSending data to a Non-EDI partner\\n1. The customer puts the EDI document into the outbound folder on its file system. The \\nSterling B2B Integrator automatically picks up the document and sends it to the Sterling B2B Collaboration Network. The EDI do cument is shown in Example 8-1.\\nExample 8-1   EDI purchase order\\nISA*00*          *00*          *ZZ*ITSO2TEST      *ZZ*ITSO2PART2TST  \\n*111121*1145*U*00401*000000012*0*T*>~GS*PO*ITSO2TEST*ITSO2PART2TST*111121*1145*9*X*004010~ST*850*000000015~BEG*00*NE*PO0212112250**111121**AE~CSH*O~DTM*001*120120***20~N1*ST*ITSO Non EDI Partner*9*1234567890123~N3*101 Buy Street*Suite 800~N4*Buy City*TX*75757*USA~N1*BT*ITSO Non EDI Partner*9*0987654321098~N3*PO Box 1000~N4*Bill City*TX*76767*USA~PO1*1*50*EA*2.35*SR*UP*100020003001~CTP******DIS*.85~PID*F****Pens Ballpoint Fine10PK~PO1*2*50*EA*2.35*SR*UP*100020003002~CTP******DIS*.85~PID*F****Pens Ballpoint Med 10PK~PO1*3*200*EA*3.5*SR*UP*100020004101~CTP******DIS*.55~PID*F****Crayons 48/Box~PO1*4*100*EA*4.5*SR*UP*100020004102~CTP******DIS*.55~PID*F****Crayons 64/Box~PO1*5*80*EA*5*SR*UP*100040005001~CTP******DIS*.7~PID*F****Notebook 5-Subj Spiral~CTT*5*480~SE*17*000000015~GE*1*9~IEA*1*000000012~\\n2. The Non-EDI partner accesses the IBM Sterling Web Forms website to receive Web Form \\ntranslated from the EDI document. See Figure 8-22. Chapter 8. IBM Sterling B2B Cloud Service scenarios 331Figure 8-22   IBM Sterling Web Forms\\n8.2.5  Conclusion\\nThis scenario demonstrates how to onboard and use IBM Sterling B2B Collaboration Network \\nand IBM Sterling Web Forms to transfer EDI files with trading partners, regardless of whether a trading partner has EDI capability. \\nFor customers who wants to automate its EDI transactions with Non-EDI partners, community \\nservices hosted in Sterling B2B Collaboration Network such as IBM Sterling Web Forms and IBM Sterling Fax Conversion Services are provided. The customer sponsors a community and invites its Non-EDI trading partners to register to join the community. Then the customer connects to the Sterling B2B Collaboration Network to exchange EDI documents with its Non-EDI partners and use IBM Sterling Document Tracking to keep track of its documents. In this scenario, Non-EDI partners use IBM Sterling Web Forms to receive and send electronic documents in HTML format. Translation between EDI documents and Web Forms is automatically done behind the scene.\\n 332 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions © Copyright IBM Corp. 2012. All rights reserved. 333Appendix A. Additional material\\nThis book refers to additional material that can be downloaded from the Internet as described \\nin the following sections. \\nLocating the Web material\\nThe Web material associated with this book is available in softcopy on the Internet from the IBM Redbooks Web server. Point your Web browser at:\\nftp://www.redbooks.ibm.com/redbooks/ SG247992\\nAlternatively, you can go to the IBM Redbooks website at:\\nibm.com/redbooks\\nSelect the Additional materials and open the directory that corresponds with the IBM \\nRedbooks form number, SG247992.A 334 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer SolutionsUsing the Web material\\nThe additional Web material that accompanies this book includes the following files:\\nFile name Description\\nSCS_DataPowerArtifacts.zip  Contains DataPower Import f ile to fully configure the \\nsimulated partner, the X.509 certificates used in the profiles, and the EDI test file.\\nSCS_WTXArtifacts1.zip Contains the compliance artifacts needed to execute the \\nX12 compliance maps. When extr acted, the zip will create \\nthe directory structure, and put all configuration files and map files in the proper location. The zip should be extracted at the root directory of the se rver that will host the Sterling \\nB2B Integrator.\\nSCS_WTXArtifacts2.zip Contains the Project Interchange needed to create the \\nExtender Project needed to build the maps needed for this scenario. From within WebSphere Transformation Extender Design Studio, import this zip as a Project Interchange.\\nChapter5_WMB_HealthCareESB.zip  Contains the WebSphere MQ Project Interchange \\nthat we created for Chapter 5, “Health Insurance scenario” on page 103.\\nChapter6_WMB_Finance.zip Contains the WebSphere MQ Project Interchange that we \\ncreated for Chapter 6, “Financial Services scenario” on page 177.\\nSystem requirements for downloading the Web material\\nThe Web material requires the following system configuration:\\nHard disk space :1 0  M B  m i n i m u m\\nOperating System : Windows/Linux\\nDownloading and extrac ting the Web material\\nCreate a subdirectory (folder) on your workstation, and extract the contents of the Web \\nmaterial .zip file into this folder. © Copyright IBM Corp. 2012. All rights reserved. 335Related publications\\nThe publications listed in this section are considered particularly suitable for a more detailed \\ndiscussion of the topics covered in this book.\\nIBM Redbooks\\nThe following IBM Redbooks publications provide additional information about the topic in this book. Note that some publications referenced in  this list might be available in softcopy only. \\n/SM590000IBM WebSphere DataPower B2B Appliance XB60 Revealed , SG24-7745\\nYou can search for, view, download or order these documents and other Redbooks, \\nRedpapers, Web Docs, draft and additional materials, at the following website: \\nibm.com/redbooks\\nOnline resources\\nThese websites are also relevant as further information sources:\\n/SM590000ANSI ASC X12 EDI standard:\\nhttp://www.x12.org/x12org/about/X12History.cfm\\n/SM590000FAQ site on different options in implementing an ESB solution:\\nhttp://www-01.ibm.com/software/integration/wsesb/v6/faqs.html#provide\\n/SM590000IBM Sterling Connect:Direct File Agent Configuration Guide:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/File%20Age\\nnt/CD%20FileAgent14/CDFAConfigGuide.pdf\\n/SM590000IBM Sterling Connect:Direct Process Language Reference Guide:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/File%20Age\\nnt/CD%20FileAgent14/CDFAConfigGuide.pdf\\n/SM590000IBM DeveloperWorks articles on message based integration choices:\\nhttps://www.ibm.com/developerworks/wikis/display/esbpatterns/Message-based+Inte\\ngrationhttp://www.ibm.com/developerworks/library/ws-enterpriseconnectivitypatterns/index.html\\n/SM590000“What’s new in Version 8.0” section in the WebSphere Message Broker V8.0 Information \\nCenter:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/topic/com.ibm.etools.mf\\nt.doc/bb23110_.htm\\n/SM590000“Which XML parser should you use” in the WebSphere Message Broker Information \\nCenter:\\nhttp://publib.boulder.ibm.com/infocenter/wmbhelp/v8r0m0/index.jsp?topic=/com.ib\\nm.etools.mft.doc/ad70530_.htm 336 End-to-end Integration with IBM Sterling B2B Integration and Managed File Transfer Solutions/SM590000IBM Developer Works articles on WebSphere Transformation Extender:\\nhttp://www-01.ibm.com/software/integration/wdatastagetx/\\n/SM590000WebSphere MQ Information Center, WebSphere MQ clusters:\\nhttp://publib.boulder.ibm.com/infocenter/wmqv6/v6r0/index.jsp?topic=%2Fcom.ibm.\\nmq.csqzah.doc%2Fqc10120_.htm\\n/SM590000IBM Sterling Connect:Direc t Installation Guide:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/Windows/CD\\n%20Windows46/CDWindowsGettingStarted.pdf\\n/SM590000IBM Sterling Connect:Direct File Agent Configuration Guide:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/ConnectDirect/File%20Age\\nnt/CD%20FileAgent14/CDFAConfigGuide.pdf\\n/SM590000Sterling Secure Proxy 3.4 documentation:\\nhttp://www.sterlingcommerce.com/documentation/home/MFT/SSP/SSP.html\\nHelp from IBM\\nIBM Support and downloads:ibm.com/support\\nIBM Global Services:\\nibm.com/services (0.5” spine)\\n0.475”<->0.873”\\n250 <-> 459 pagesEnd-to-end Integration with IBM Sterling B2B \\nIntegration and Managed File Transfer SolutionsEnd-to-end Integration with IBM Sterling B2B Integration and Managed End-to-end Integration with IBM Sterling B2B Integration and \\nManaged File Transfer Solutions\\nEnd-to-end Integration with IBM Sterling B2B Integration and Managed File  End-to-end Integration with IBM \\nSterling B2B Integration and Managed File Transfer Solutions\\nEnd-to-end Integration with IBM \\nSterling B2B Integration and Managed File Transfer Solutions  ®\\nSG24-7992-00 ISBN 0738436925INTERNATIONAL \\nTECHNICAL\\nSUPPORTORGANIZATION\\nBUILDING TECHNICAL INFORMATION BASED ON PRACTICAL EXPERIENCE\\nIBM Redbooks are developed \\nby the IBM International \\nTechnical Support Organization. Experts from \\nIBM, Customers and Partners \\nfrom around the world create timely technical information \\nbased on realistic scenarios. \\nSpecific recommendations are provided to help you \\nimplement IT solutions more \\neffectively in your environment.\\nFor more information:ibm.com /redbooks®\\nEnd-to-end Integration with \\nIBM Sterling B2B Integration and \\nManaged File Transfer Solutions\\nImplement an \\nend-to-end \\nintegration with IBM \\nSterling and WebSphere Portfolios\\nLearn how to design a \\nB2B solution for small \\nand large partners\\nExperiment with real \\nlife scenariosAcross numerous vertical industries, enterprises are challenged to \\nimprove processing efficiency as transactions flow from their business communities to their internal systems and vice versa, simplify management and expansion of the external communities, accommodate customer and supplier preferences, govern the flow of information, enforce policy and standards, and protect sensitive information. Throughout this process, external partners must be on-boarded and off-boarded, information must flow across multiple communications infrastructures, and data must be mapped and transformed for consumption across multiple applications. \\nSome transactions require synchronous or real-time processing while \\nothers are of a more periodic nature. For some classes of customer or supplier, the enterprise might prefer a locally-managed, on-premise solution. For some types of communities (often small businesses), an as-a-Service solution might be the best option. Many large enterprises combine the on-premise and as-a-Service approach to serve different categories of business partners (customers or suppliers).\\nThis IBM Redbooks publication focuses on solutions for end-to-end \\nintegration in complex value chains and presents several end-to-end common integration scenarios with IBM Sterling and IBM WebSphere portfolios.\\nWe believe that this publication will be a reference for IT Specialists \\nand IT Architects implementing an integration solution architecture involving IBM Sterling and IBM WebSphere portfolios.Back cover', 'url': 'http://www.redbooks.ibm.com/abstracts/sg247992.html', 'keywords': '', 'categories': ''}\n",
      "\n",
      "\n",
      "\n"
     ]
    }
   ],
   "source": [
    "# iterate the nested dictionaries inside the [\"hits\"][\"hits\"] list\n",
    "for num, doc in enumerate(all_hits):\n",
    "    print (\"DOC ID:\", doc[\"_id\"], \"--->\", doc, type(doc), \"\\n\")\n",
    "\n",
    "    # Use 'iteritems()` instead of 'items()' if using Python 2\n",
    "    for key, value in doc.items():\n",
    "        print (key, \"-->\", value)\n",
    "\n",
    "    # print a few spaces between each doc for readability\n",
    "    print (\"\\n\\n\")\n",
    "    break"
   ]
  },
  {
   "cell_type": "markdown",
   "id": "7b8c1b13",
   "metadata": {},
   "source": [
    "### 4. Query which is only for IBM Developers"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 26,
   "id": "b868b949",
   "metadata": {},
   "outputs": [],
   "source": [
    "search_query4 = {\"query\": {\n",
    "    \"query_string\": {\n",
    "      \"query\": \"published_source: IBM Developer\" \n",
    "    }\n",
    "}}"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 27,
   "id": "eee72eb0",
   "metadata": {},
   "outputs": [],
   "source": [
    "# Perform the initial search to obtain the first batch of results\n",
    "response = es_client.search(\n",
    "    index=index_name,\n",
    "    body=search_query4,\n",
    "    scroll='5m',  # Set the scroll timeout (e.g., 5 minutes)\n",
    "    size=10  # Set the number of documents to retrieve per scroll\n",
    ")"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 28,
   "id": "bfb0ab0e",
   "metadata": {},
   "outputs": [
    {
     "name": "stdout",
     "output_type": "stream",
     "text": [
      "10\n"
     ]
    }
   ],
   "source": [
    "all_hits = response['hits']['hits']\n",
    "print(len(all_hits))"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 29,
   "id": "118062e7",
   "metadata": {},
   "outputs": [
    {
     "name": "stdout",
     "output_type": "stream",
     "text": [
      "DOC ID: I7LSP4kBf6jOYblFru5S ---> {'_index': 'superknowa', '_type': '_doc', '_id': 'I7LSP4kBf6jOYblFru5S', '_score': 8.595369, '_source': {'id': ' From chemistry to coding: Changing careers to become a software developer\\n', 'published_source': 'IBM Developer', 'publish_date': '2020-11-10', 'last_update_date': '2020-11-10', 'indexing_date': '2023-07-10', 'content': '  Some people say that it doesn\\'t matter how you start, what matters is how you finish! And no truer words have been spoken, especially with regards to your career and professional life. Last year I graduated from college with a Bachelor of Science in Chemistry. Less than a year later I became a Systems Back End Software Engineer at IBM without a formal computer science degree. And today, I work at the Transaction Processing Facility in Poughkeepsie, where I develop and modernize an operations server console that handles transactions for several major credit card, hotels and airline companies. Most of my work is on the Java console for the z/TPF operating system. I also help process the linux build and package along with shipping code.  (Note: According to the 2020 Stack Overflow developer survey, 4.4% of professional developers have a background in natural sciences.)\\nMy journey to becoming a software developer began when I took my first computer science class as a senior in college. After that one class I realized that being a developer was my true passion! But with a degree in an unrelated discipline I didnâ\\x80\\x99t know how I could make the leap to becoming a professional developer. So, immediately after graduation, I completed an immersive software engineering boot camp at Flatiron School. While at that boot camp, I independently built scalable full-stack applications such as Facebook and Trello clones. I decided to attend a coding boot camp because I thought it would push me to learn as much as possible in the shortest period of time. After completing the boot camp, I applied for jobs and quickly accepted a position at IBM. \\nIf you are currently trying to become a software engineer, you first need to learn to code. And the best way to do that is by taking an introduction to computer science class. There are great supplemental resources on YouTube for introductory courses. Just make sure to attempt to figure out problems on your own before jumping right to the solutions. From there you can start learning how to build projects by applying your coding knowledge. While you work on projects, it\\'s important to also practice solving algorithms. Understanding data structures and algorithms was crucial for passing the technical interviews at nearly every company I applied to. I found that Elements of the Programming Interview and Cracking the Coding Interview are great resources for algorithm questions. \\nIn sharing my journey to become an enterprise developer from a non-traditional background (or what IBM calls \"New Collar skills\" ) I hope to inspire and provide advice to those who are looking to do the same. While the process is difficult, if you are willing to put in the effort and have a passion for technology you too can become a developer without a formal computer science degree. I go into more detail here in this complementary video I recorded for career-changers. \\n\\n\\nIf you are interested in more content like this video, make sure to check out my YouTube channel, https://www.youtube.com/c/GarrettHalstein, where I share tips, tutorials and advice on becoming a software professional. ', 'url': 'https://developer.ibm.com/blogs/ /blogs/from-chemistry-to-coding-changing-careers-to-become-a-software-developer\\n', 'keywords': \"['URL: /blogs/from-chemistry-to-coding-changing-careers-to-become-a-software-developer\\\\nupdated_date: 2020-11-10T00:00:00\\\\npublish_date: 2020-11-10T00:00:00\\\\ntitle: From chemistry to coding: Changing careers to become a software developer\\\\n', '  Insights and tips to becoming a software developer from a non-traditional background\\\\n']\", 'categories': \" ['developer-marketing']\\n\"}} <class 'dict'> \n",
      "\n",
      "_index --> superknowa\n",
      "_type --> _doc\n",
      "_id --> I7LSP4kBf6jOYblFru5S\n",
      "_score --> 8.595369\n",
      "_source --> {'id': ' From chemistry to coding: Changing careers to become a software developer\\n', 'published_source': 'IBM Developer', 'publish_date': '2020-11-10', 'last_update_date': '2020-11-10', 'indexing_date': '2023-07-10', 'content': '  Some people say that it doesn\\'t matter how you start, what matters is how you finish! And no truer words have been spoken, especially with regards to your career and professional life. Last year I graduated from college with a Bachelor of Science in Chemistry. Less than a year later I became a Systems Back End Software Engineer at IBM without a formal computer science degree. And today, I work at the Transaction Processing Facility in Poughkeepsie, where I develop and modernize an operations server console that handles transactions for several major credit card, hotels and airline companies. Most of my work is on the Java console for the z/TPF operating system. I also help process the linux build and package along with shipping code.  (Note: According to the 2020 Stack Overflow developer survey, 4.4% of professional developers have a background in natural sciences.)\\nMy journey to becoming a software developer began when I took my first computer science class as a senior in college. After that one class I realized that being a developer was my true passion! But with a degree in an unrelated discipline I didnâ\\x80\\x99t know how I could make the leap to becoming a professional developer. So, immediately after graduation, I completed an immersive software engineering boot camp at Flatiron School. While at that boot camp, I independently built scalable full-stack applications such as Facebook and Trello clones. I decided to attend a coding boot camp because I thought it would push me to learn as much as possible in the shortest period of time. After completing the boot camp, I applied for jobs and quickly accepted a position at IBM. \\nIf you are currently trying to become a software engineer, you first need to learn to code. And the best way to do that is by taking an introduction to computer science class. There are great supplemental resources on YouTube for introductory courses. Just make sure to attempt to figure out problems on your own before jumping right to the solutions. From there you can start learning how to build projects by applying your coding knowledge. While you work on projects, it\\'s important to also practice solving algorithms. Understanding data structures and algorithms was crucial for passing the technical interviews at nearly every company I applied to. I found that Elements of the Programming Interview and Cracking the Coding Interview are great resources for algorithm questions. \\nIn sharing my journey to become an enterprise developer from a non-traditional background (or what IBM calls \"New Collar skills\" ) I hope to inspire and provide advice to those who are looking to do the same. While the process is difficult, if you are willing to put in the effort and have a passion for technology you too can become a developer without a formal computer science degree. I go into more detail here in this complementary video I recorded for career-changers. \\n\\n\\nIf you are interested in more content like this video, make sure to check out my YouTube channel, https://www.youtube.com/c/GarrettHalstein, where I share tips, tutorials and advice on becoming a software professional. ', 'url': 'https://developer.ibm.com/blogs/ /blogs/from-chemistry-to-coding-changing-careers-to-become-a-software-developer\\n', 'keywords': \"['URL: /blogs/from-chemistry-to-coding-changing-careers-to-become-a-software-developer\\\\nupdated_date: 2020-11-10T00:00:00\\\\npublish_date: 2020-11-10T00:00:00\\\\ntitle: From chemistry to coding: Changing careers to become a software developer\\\\n', '  Insights and tips to becoming a software developer from a non-traditional background\\\\n']\", 'categories': \" ['developer-marketing']\\n\"}\n",
      "\n",
      "\n",
      "\n"
     ]
    }
   ],
   "source": [
    "# iterate the nested dictionaries inside the [\"hits\"][\"hits\"] list\n",
    "for num, doc in enumerate(all_hits):\n",
    "    print (\"DOC ID:\", doc[\"_id\"], \"--->\", doc, type(doc), \"\\n\")\n",
    "\n",
    "    # Use 'iteritems()` instead of 'items()' if using Python 2\n",
    "    for key, value in doc.items():\n",
    "        print (key, \"-->\", value)\n",
    "\n",
    "    # print a few spaces between each doc for readability\n",
    "    print (\"\\n\\n\")\n",
    "    break"
   ]
  },
  {
   "cell_type": "markdown",
   "id": "1ba8e690",
   "metadata": {},
   "source": [
    "### 5. Query which is not content for Redbooks"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 30,
   "id": "43e2c1a5",
   "metadata": {},
   "outputs": [],
   "source": [
    "search_query5 ={\n",
    "  \"query\": {\n",
    "    \"bool\": {\n",
    "      \"must\": [\n",
    "        { \"match\": { \"content\": \"A 2-node IBM Sterling B2B Integrator (SBI) clustered solution is being designed. The customer will initiate connections with external partners using HTTP, FTP and SFTP protocols. For load balancing and fail over purposes 2 client adapters for each protocol are configured on each node and Service Groups are being used. How many Service Groups\" }}\n",
    "      ],\n",
    "      \"must_not\": [\n",
    "        { \"match\": { \"published_source\": \"Redbooks\" }}\n",
    "      ]\n",
    "    }\n",
    "  }\n",
    "}"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 35,
   "id": "4f901757",
   "metadata": {},
   "outputs": [],
   "source": [
    "# Perform the initial search to obtain the first batch of results\n",
    "response = es_client.search(\n",
    "    index=index_name,\n",
    "    body=search_query5,\n",
    "    scroll='5m',  # Set the scroll timeout (e.g., 5 minutes)\n",
    "    size=10  # Set the number of documents to retrieve per scroll\n",
    ")"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 36,
   "id": "311a228f",
   "metadata": {},
   "outputs": [
    {
     "name": "stdout",
     "output_type": "stream",
     "text": [
      "10\n"
     ]
    }
   ],
   "source": [
    "all_hits = response['hits']['hits']\n",
    "print(len(all_hits))"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 46,
   "id": "c54d30b3",
   "metadata": {},
   "outputs": [
    {
     "name": "stdout",
     "output_type": "stream",
     "text": [
      "DOC URL: https://www.ibm.com/support/pages/node/6354959 ---> \n",
      "\n",
      "DOC Source: IBM White Paper \n",
      "\n",
      "DOC content:  Invincible Supply Chain\n",
      "Reference Architecture for Mission-Critical \n",
      "SAP® Advanced Planning & Optimization\n",
      "in SAP liveCache with HotStandby\n",
      "  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 3High availability for SAP® Supply Chain Management\n",
      "SAP Advanced Planning & Optimization\n",
      "SAP liveCache\n",
      "DB2 HADR\n",
      "SAN Volume Controller\n",
      "PowerHA System Mirror\n",
      "Tivoli System Automation for Multiplatforms\n",
      "Invincible Supply Chain\n",
      "High Availability for Mission-Critical\n",
      "SAP Advanced Planning & Optimization\n",
      "– Design, Reference Architecture, and Proof of Concept –\n",
      "IBM SAP International Competence Center (ISICC)\n",
      "Walldorf, Germany\n",
      "IBM Storage Lab Services, Mainz, Germany\n",
      "IBM Boeblingen Lab, Rot, Germany\n",
      "SAP teams:\n",
      "SAP Labs, Berlin, Germany\n",
      "Performance, Data Management, and Scalability, Walldorf, Germany\n",
      "Solution Management, Supply Chain Management, Walldorf, Germany\n",
      "Product Management, Supply Chain Management, Walldorf, Germany Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 421/ June 2011\n",
      "1 Table of Contents\n",
      "1 T able of Contents ....................................................................................................................... 4\n",
      "2 Preface ........................................................................................................................................ 5\n",
      " 2.1 Document scope .............................................................................................................. 5\n",
      " 2.2 Special notices ................................................................................................................. 5\n",
      " 2.3 Version information ........................................................................................................ 5\n",
      " 2.4 Document layout and design .......................................................................................... 5\n",
      " 2.5 Authors of this document ................................................................................................ 6\n",
      " 2.6 With gratitude and acknowledgment of our sponsors ................................................... 6\n",
      " 2.7 Project team .................................................................................................................... 7\n",
      "3 Introduction – Why High Availability for SAP Advanced Planning & Optimization ............. 8\n",
      "4 Benefits Summary .................................................................................................................... 10\n",
      " 4.1 T arget industries and solutions ..................................................................................... 10\n",
      " 4.2 HotStandby versus a failover solution .......................................................................... 12\n",
      "5 Available-to-Promise – A Day in the Life ............................................................................... 14\n",
      "6 Proof of Concept Scope ........................................................................................................... 16\n",
      " 6.1 Application scope and goals .......................................................................................... 17\n",
      " 6.2 Summary of KPI results ................................................................................................ 23\n",
      "7 Design Components of the Infrastructure .............................................................................. 26\n",
      " 7.1 Infrastructure scope and stack ....................................................................................... 26\n",
      " 7.2 High-availability infrastructure design on Power servers – the basis .......................... 30\n",
      " 7.3 Tivoli clustering – Tivoli System Automation for MultiPlatforms ............................. 49\n",
      " 7.4 Tivoli clustering for IBM DB2 HADR ........................................................................ 50\n",
      " 7.5 Tivoli clustering for SAP central services for ABAP (ASCS instance) ........................ 60\n",
      " 7.6 SAP liveCache with HotStandby design and requirements ......................................... 68\n",
      " 7.7 Design of the PowerHA Cluster for SAP liveCache HotStandby ............................... 77\n",
      "8 Summary and Conclusions ...................................................................................................... 97\n",
      "9 Appendix ................................................................................................................................... 98\n",
      " 9.1 Related documents and sources of further information ............................................... 98\n",
      " 9.2 SAP liveCache versions ................................................................................................. 99\n",
      " 9.3 AIX, PowerHA, and Java versions ................................................................................ 99\n",
      " 9.4 Tivoli SA MP and DB2 HADR versions .................................................................... 101\n",
      " 9.5 Power Systems, AIX, and storage versions ................................................................. 101\n",
      "10 Copyrights and T rademarks ................................................................................................... 102\n",
      "11 Disclaimer and Special Notices ............................................................................................. 103 Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 52 Preface\n",
      "2.1\t Document\tscope\n",
      "This document is intended for architects and implementations teams that have the responsibili -\n",
      "ty of designing and implementing a highly available infrastructure stack for the SAP® Advanced \n",
      "Planning & Optimization (SAP APO) component in a mission-critical landscape.\n",
      "2.2\t Special\tnotices\n",
      "Copyright© IBM Corporation, 2011 All Rights Reserved. \n",
      "All trademarks or registered trademarks mentioned herein are the property of their respective \n",
      "holders. \n",
      "2.3\t Version\tinformation\n",
      "This is version 1.1 of this document including architecture, design and concept.Online versions of this document and subsequent releases can be found at this website:http://www.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/WP100677\n",
      "2.4\t Document\tlayout\tand\tdesign\n",
      "This document is separated into component areas. Each clustered component of this infrastruc -\n",
      "ture stack can be implemented independently of the other clusters. Therefore, the document groups the basis component and the cluster solution for each of the component areas together but provides no dependency on the sequence of installation. As an example, HADR with IBM\n",
      "® \n",
      "Tivoli® System Automation for Multiplatforms (SA MP) can be the only cluster in a supply chain \n",
      "management (SCM) system if high availability for all components is not deemed necessary (non-mission-critical load). Within each of the component areas, there is a sequence path. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 62.5\t Authors\tof\tthis\tdocument\n",
      "• Carol Davis, Consulting IT Specialist, SAP International Competence Center\n",
      "• Elke Hartmann-Bakan, IT Specialist, SAP International Competence Center\n",
      "• Jan Muench, Advisory IT Specialist, IBM, Infrastructure and T echnology Service \n",
      "• Katharina Probst, Developer, IBM Boeblingen Lab\n",
      "2.6\t With\tgratitude\tand\tacknowledgment\tof\tour\tsponsors\n",
      "We thank those who have given the support and vision that allow us to provide these case studies \n",
      "in support of our joint customer needs.\n",
      "Juergen Primsch, Vice President, SAP MaxDB & SAP liveCache, SAPDr. Ulrich Marquard, Senior Vice President, Performance & Scalability, SAP Dr. Volkmar Soehner, Development Manager, SAP liveCache Applications, SAPBill Gilmour, Industry General Manager, Consumer Products, IBMEmily Benner, Director, System and T echnology Group, ISV T echnical Enablement, IBMMichelle Tidwell, Program Director, System Storage, ISV Enablement, IBMLaurent Montaron, Manager - POWER and Next-Generation Platform ISV\n",
      "programs, IBM\n",
      "Vandana Kumar, SAP Strategy and Enablement Manager, IBMDr. Antonio Palacin, Director of ISICC IBM SAP International Competence Center, Global \n",
      "IBM – SAP Alliance, IBM\n",
      "Robert D. Thomas, Vice President, Business Development, Information Management, IBMWe would also like to thank Tim Main, Consulting IT Specialist and IBM Client T echnical Ad-\n",
      "visor for Unilever, for his guidance throughout and the extended technical steering team whose insight into actual requirements was vital to this project. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 72.7\t Project\tteam\n",
      "This project and its results come from the efforts of a joint IBM and SAP team, crossing many \n",
      "areas of specialization and responsibility. This type of team demonstrates the level of co-innova-tion enthusiasm and reflects the technical collaboration between these two companies.\n",
      "Name Responsibility Position Company\n",
      "Carol Davis Project Design andExecutionConsulting IT Specialist IBM\n",
      "Vandana Kumar Product Managementand Delivery T echnology Business Development Execu-tive, Systems and T echnology GroupIBM\n",
      "Elke Hartmann-Bakan DB2 HADR, Tivoli System Auto-mationIT Specialist, Data Management IBM\n",
      "Katharina Probst SAP liveCache  and   PowerHA Developer, HADR Solutions for SAP on AIXIBM\n",
      "Jan Muench HA Infrastructure and Virtualization Advisory IT Specialist, Power Systems IBM\n",
      "Werner Thesing SAP liveCache HA Development Architect, SAP MaxDB SAP \n",
      "liveCacheSAP\n",
      "Erika Wolf SAP Advanced Planning & Optimi-\n",
      "zation DPSAP liveCache Applications SAP\n",
      "Anette Foellmer SAP Advanced Planning & Optimi-zation DPSenior Developer, Performance and Sca-labilitySAP\n",
      "Oliver Goos HSS library IT Specialist, ESCC Mainz, Systems and T echnology Group, Lab ServicesIBM\n",
      "Blandine Alazard HSS library Advisory IT Specialist, ESCC Mainz/ Sys-\n",
      "tems and T echnology Group, Lab ServicesIBM\n",
      "Gerald Heisig Available-to-Promise Product Management, Supply Chain \n",
      "Management SAP\n",
      "Claus Bosch Available-to-Promise Solution Manager, Supply Chain Manage-mentSAP\n",
      "Wolfram Schick Available-to-Promise Development Architect, Supply Chain ManagementSAP\n",
      "Ivan Sesar Available-to-Promise Product Management, Supply Chain ManagementSAP\n",
      "Ulrich Mast Available-to-Promise Solution Manager, Supply Chain Manage-mentSAP\n",
      "Marc-Stephan T auchert Performance andSizingCertified SAP T echnical Specialist, SAP Growth ProgramIBM\n",
      "Ursula Zachmann Performance and Sizing IT Specialist, SAP Solutions IBM\n",
      "Dr. Helmut Mueller Landscape Discovery and  MonitoringSenior Client IT Architect IBM\n",
      "With technical contributions from:\n",
      "• Walter Orb, Consulting IT Specialist, IBM SAP International Competence Center \n",
      "• Maik Gasterstaedt, IT Specialist Storage, IBM SAP international Competence Center\n",
      "• Andreas Schauberer, Tivoli Development, IBM Boeblingen Lab\n",
      "• Hinnerk Gildhoff, Software Developer, DB2 HADR SAP , IBM Böblingen Lab\n",
      "• Olaf Depper, IT Specialist, DB2 SAP , IBM Böblingen Lab\n",
      "• Bernhard Buehler, IT Specialist, Systems and T echnology Group, Lab Services, IBM Germany Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 83 Introduction – Why High Availability for SAP Advanced \n",
      "Planning & Optimization\n",
      "SAP Advanced Planning & Optimization (SAP APO) is an advanced planning and scheduling software that provides the tools needed to optimize supply chain processes at strategic, tactical, and operational planning levels. Demand planning, supply network planning, and production pl -\n",
      "anning and detailed scheduling are three of the core business scenarios addressed by this compo -\n",
      "nent. For companies operating worldwide, planning information must be made available across system boundaries as quickly as possible to support business efficiency. Global available-to-pro-mise (global ATP) in SAP Advanced Planning & Optimization provides this key functionality. \n",
      "The architecture of SAP APO spans two databases: the typical SAP application or ABAP™\n",
      "1 \n",
      "database, and the memory resident database used for optimization and planning, which is the \n",
      "proprietary SAP liveCache. These two databases are logically interlinked at application level, but do not know each other at database level. Related but unique data exists in each of the two data -\n",
      "bases, but neither has the complete data content.  If these two databases lose their data synchro -\n",
      "nization, which can result from an infrastructure failure, or the need to restore one or the other of the two, the application provides the means to resynchronize at application level. This resyn -\n",
      "chronization will normally result in the identification of data that exists in one database and for which there is no reference in the other. Restoring synchronization will require an understanding of the significance of the data and the ability to take informed decisions. In summary, the recove-ry driven from the application level may have an extremely long path length and require expert business skills.\n",
      "LC\n",
      "DBSAP NetWeaver Business Client\n",
      "SAPGU I 7.10 Web Dympro for ABAP\n",
      "Optimizer 7.0SAP liveCache 7.7\n",
      "Geocoding 7.0SAP SC M 7.0\n",
      "SAP APO Application\n",
      "ABAP\n",
      "databaseMaster and transactional \n",
      "data viewTime Series and \n",
      "planning v iew\n",
      "Figure 3.1: Overview of SAP APO architecture with liveCache and the SAP SCM optimizer\n",
      "As failures come in many different guises, from logical errors to infrastructure disasters, this re -\n",
      "covery is part of the operational lifecycle of any production system. The goal is to extend dura -\n",
      "tion of the undisrupted production time to the maximum possible. A logical error is something the infrastructure cannot protect against, but there are many situations in which the design of the infrastructure and middleware can support the application and the business. \n",
      "1 Database  used  for  master  and  transactional  data,  customizing,  and  ABAP  objects  that  provide  the  busi -\n",
      "ness  content  of  the  SAP  system.  ABAP is  a  proprietary  object-oriented  programming  language  from  SAP . Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 9The proof of concept being described in this document looks at some of these options. The focal \n",
      "point is a joint IBM and SAP solution around the SAP liveCache component itself to ensure high availability and very fast recovery without data loss.\n",
      "As SAP liveCache is a component of the SAP Supply Chain Management (SAP SCM) applica -\n",
      "tion, protecting SAP liveCache make sense when the SAP SCM system itself is highly available. \n",
      "SAP SCM itself is based on ABAP and the concept is therefore built on the current best practices for high-availability solutions for ABAP systems. The design then extends the availability con -\n",
      "cept to cover the ABAP database, the critical SAP central services software, and the infrastructure itself – top to bottom.\n",
      "This document describes reference architecture for SAP Advanced Planning & Optimization \n",
      "based on end-to-end high availability. \n",
      "The proof of concept is based on IBM Power systems™ technology, IBM DB2\n",
      "®, and two alter -\n",
      "native clustering solutions for high availability – Tivoli System Automation for Multiplatforms, \n",
      "and IBM PowerHA®. \n",
      "The choice of DB2 database was made because the functionality DB2 HADR (which includes features such as independent data images, closely synchronized, and quick failover) fits very well in the target solution. DB2 is also tightly integrated with SAP software and with the Tivoli Sys-tem Automation for Multiplatforms (Tivoli SA MP) cluster solution.\n",
      "SAP delivers Tivoli SA MP clustering as part of the SAP solution for DB2 HADR. The im -\n",
      "plementation can be extended to cover the critical SAP components. This combination is used \n",
      "quite extensively for SAP ABAP-based systems, such as Enterprise Resource Planning (ERP), Customer Relationship Management (CRM), as well as Supply Chain Management (SCM). The portion of this document covering the critical SAP components and DB2 HADR is generally applicable to ABAP systems.\n",
      "SAP liveCache with HotStandby is a new feature that will be supported by the PowerHA cluster \n",
      "solution. As we demonstrate in this proof of concept, SAP liveCache  HotStandby solution provi -\n",
      "ded by PowerHA can also be integrated into an SAP SCM system that is using Tivoli clustering for the other critical SAP components and for HADR. Additionally, the proof of concept includes a cluster solution for DB2 HADR and the other criti -\n",
      "cal SAP components based on PowerHA, providing a complete PowerHA solution for situations where a mix of cluster technology is undesirable. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 104 Benefits Summary\n",
      "This document shows the benefits to mission-critical SAP APO business processes provided by \n",
      "high availability for SAP SCM. Each component of the SCM stack is looked at separately and can be implemented as a separate cluster to provide high-availability building blocks for SAP APO or other ABAP-based core systems.\n",
      "The business benefits result from high availability and uninterrupted processing in online order \n",
      "confirmation and extremely fast return to business for production planning. In scenarios, such as service parts management, a five-minute downtime has been quoted as the limit before the business begins to suffer a loss. \n",
      "The solution presented here explains how this target can be met with effective component red -\n",
      "undancy, which also provides a cost-effective solution.\n",
      "4.1\t Target\tindustries\tand\tsolutions\n",
      "This proof of concept focuses on the following components:\n",
      "• IBM PowerVM™ technology – IBM POWER6® and IBM POWER7® processor-\n",
      "based servers\n",
      "• IBM System Storage® SAN Volume Controller (and any SAN storage) or IBM System \n",
      "Storage DS8300  \n",
      "• IBM AIX® 6.1\n",
      "• DB2 HADR\n",
      "• Tivoli System Automation for Multiplatforms\n",
      "• PowerHA SystemMirror for AIX \n",
      "In terms of SAP software, this information applies to:\n",
      "• SAP Advanced Planning & Optimization (SAP APO), including demand planning, \n",
      "supply and network planning, and production planning and detailed scheduling func -\n",
      "tionality \n",
      "• Integrated scenarios using SAP APO for available-to-promise (ATP) and Global availa-ble-to-promise (GATP) for resource availability and planning  \n",
      "• SAP Service Parts Planning application and other service parts management software  \n",
      "• SAP NetWeaver™ technology platform for ABAP and SAP NetWeaver Business \n",
      "Warehouse; SAP Supply Chain Management, SAP Customer Relationship Management, \n",
      "SAP ERP , and other ABAP-based software. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 11Target industries typically using this software: \n",
      "Service parts management functionality in SAP SCM\n",
      "• Aerospace and defense\n",
      "• Automotive\n",
      "• Heavy equipment \n",
      "• Industrial machinery\n",
      "• Household appliances\n",
      "• High-tech\n",
      "SAP Advanced Planning & Optimization\n",
      "• Consumer products\n",
      "• Automotive\n",
      "• High-tech and electronics\n",
      "• Household appliances\n",
      "• Discrete manufacturing (industrial machinery and components)\n",
      "• Retail\n",
      "• Chemicals\n",
      "• Mill products and mining\n",
      "• Oil and gas\n",
      "• Life sciences\n",
      "• Wholesale\n",
      "SAP APO\n",
      "Demand PlanningAlert Monitor\n",
      "Supply Network Planning\n",
      "Global Available-to-PromiseProduction Planning &\n",
      "Detailed SchedulingSAP ERP\n",
      "Master\n",
      "Data\n",
      "RFCProduction Planning (PP)Supply Chain Execution Supply Chain Planning\n",
      "CIF\n",
      "Materials Management (MM)\n",
      "...Production Planning &\n",
      "Detailed SchedulingTransactional\n",
      "Data (real-time)\n",
      "Figure 4.1.1:  Diagram of an integrated SAP ERP and SAP SCM system used for ATP Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 124.2\t HotStandby\tversus\ta\tfailover\tsolution\n",
      "In a tightly integrated SAP landscape, the failure and subsequent recovery of a single system can \n",
      "have repercussions on other systems and the consistency of the data that might span more than one system. Resynchronization can be time-consuming. The objective of this high availability design is to avoid interruption as far as possible to the application level, by providing a robust infrastructure design with redundancy. Whenever the redundant hardware infrastructure cannot protect the system, for example, in the failure of the server itself, then recovery of the system moves to the next layer, provided by the clustering solution. The fastest recovery is provided by either HotStandby or by an active/passive design. This method of having two equal components with their own resources provides the more robust solution, as well as the fastest recovery.\n",
      "A traditional database failover restarts with a database crash image once the disks are successful -\n",
      "ly brought back online. The database attempting to restart the service has to recover the crash \n",
      "image, which normally includes rolling out all “in-flight” transactional data. Depending on what was happening at the time of failure, this recovery can take a significant amount of time. \n",
      "If the database is file system-based, which most are, the file systems themselves may need to be \n",
      "recovered before the database activity can begin. This can also take time depending on the num -\n",
      "ber and size of the file systems. \n",
      "In the case of SAP APO with SAP liveCache, the file systems are recovered, the crash image \n",
      "is used to realign data consistency by rolling back uncommitted transactions, and the SAP liveCache memory resident data cache is reconstructed. This data cache can be many gigabytes in size and also adds to the recovery time for the service.\n",
      "For a SAP APO system that has gone through a crash recovery, it is recommended to run an ap-\n",
      "plication level consistency check to ensure the data spanning the two databases of SAP APO are consistent. This can also take some significant time depending on the number of data objects.\n",
      "By this time, other processes may well have timed out.For online ATP , the expectation is that if the system takes longer than two to three minutes to \n",
      "recover, the order entry side of available-to-promise will be broken. Most likely the user will lose patience and kill the session, or the process may timeout in other areas of the technical infra -\n",
      "structure. The result is that materials will be left in temporary assignment and are unavailable until they are either manually recovered or some expiration date is set to clean them up. The result is that it may not be possible to confirm orders that really could have been confirmed be -\n",
      "cause necessary resources appear unavailable.\n",
      "For production planning batch jobs running in the overnight window, this might mean that \n",
      "skilled application people need to be available for the recovery after a failover. This can delay the time required to restart the jobs after service recovery. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 13Redundant Data Images\n",
      "Redundant data images (as provided by the HotStandby and active/passive databases) provide an \n",
      "extra failback in case of an actual data corruption at physical level or loss of a storage server.\n",
      "A traditional failover, where the storage is taken over by a backup server, will use one copy of the \n",
      "data that is active on only one of the servers at any time. A failover server will take over the data from the failed server and rely on this data image to attempt to restart the lost functionality. If the data is corrupted, a restore of the database is necessary and archived logs will be reapplied to recover to the point in time of the failure. At this point, the resynchronization effort with other systems depends on the integration and dependencies of the business processes. \n",
      "As used in this proof of concept, DB2 HADR has a complete set of redundant data – both data -\n",
      "base and logs. These can be on separate storages servers in separate sites. HADR does have to do \n",
      "a certain amount of rollback recovery as part of the takeover to clean up the open transactions. This is done very quickly as the database is already online and active. For large batch planning jobs where one would intuitively expect to generate a large volume of rollback activity in case of a failover, this proves not to be the case. The commit rate of the planning application jobs is very high and, therefore, the recover requirement for rollback of uncommitted data after a failover is very low. \n",
      "SAP liveCache in HotStandby does no rollback recovery as it is only applying data from transac -\n",
      "tions. This is not a crash image but an active database in synchronization with the master. SAP liveCache itself can switch roles within seconds. The cluster software builds in a short delay \n",
      "to validate a failure before initiating a takeover. With the delay, the service is available within the two minutes failover target with all data intact. The consistency check is not necessary.\n",
      "With SAP liveCache in HotStandby, there are two redundant copies of the data, but there is a \n",
      "shared log. In case of a mirror corruption, you might be unfortunate to lose the log.\n",
      "In this case, it is possible to drop the corrupted log and recover SAP liveCache from the last valid \n",
      "save point. This would be much quicker then restoring the last version and trying to roll forward from archive logs. In both cases, the data which was in the online log will be missing and a re -\n",
      "synchronization with the SAP APO database will be necessary − but it will be considerably faster than a recovery.\n",
      "In summary, the major differences:\n",
      "• T wo separate versions of the data for higher data security\n",
      "• Active/standby database engines, with synchronized data status to take over in seconds \n",
      "with data consistency\n",
      "• Fast takeover avoids chain reaction of failing dependencies Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 145 Available-to-Promise – A Day in the Life\n",
      "A day in the life of a sales person in a collaboration supply chain scenario: \n",
      "A fictional, but possible, scenario to demonstrate one of the countless situations where customer \n",
      "satisfaction, indeed the sales itself, depends on punctual delivery and the guarantee of punctuality depends on reliable confirmation. What is the value of the theoretically fastest and most-sophis -\n",
      "ticated system if it is not there when it is mission critical?\n",
      "Picture a small building supplier somewhere:\n",
      "The day hang like a wet grey sock, and Harald, sipping his half-cold coffee, appeared to be bent on becoming part of a matching pair if his body posture was any indication. He sighed, and with a last longing glance, he put away the travel brochure of white sands and blue water, sweeping it with a despondent finality into a drawer. An unusual movement from the corner of his eye, caught his attention. His boss was steaming in his direction, weaving through the display arran -\n",
      "gements of luxury baths and building materials with an astonishing focus of purpose, headed directly toward Harald and the customer service desk. His whole body language emanated a hitherto unknown tension and excitement. He was being followed by two very serious and rather tired looking men carrying document folders.\n",
      "It was the order of the year! The large five-star hotel complex, going online with much fanfa -\n",
      "re and prominence, was the talk of the region. The captain of this luxury liner about to set sail \n",
      "had, however, caught a glimpse of a distant iceberg. The renowned firm scheduled to deliver the sumptuous Jacuzzi baths for the top category suites had informed the construction manager that a portion of their supply chain, on which this delivery depended, had unexpectedly gone into receivership. The delivery date would not be met.  The two men in tow, on this now glorious day, were the hotel’s construction manager himself and his lead architect. The boss was preparing to launch the lifeboats – 62 luxury Jacuzzi baths in four different models – all of which could be met by components in their portfolio and, accor -\n",
      "ding to the hotel architect, integrated into the hotel’s general design without major modification. The question on which all revolved was – could their firm deliver in time?\n",
      "All eyes were on Harald – for both his boss (who had specifically provided Harald with training \n",
      "on the new order and logistics system), and the other two gentlemen, Harald was now the man of the moment.\n",
      "It took nearly 40 minutes to get through the first three models and 50 of the 62 baths, each com -\n",
      "ponent a separate order line and the delivery of all components verified through the available-to-\n",
      "promise functionality of the logistics system. This system ensured that what was confirmed was either currently available or would be available to meet the delivery date, reserving materials and updating the order and production planning directly. Harald worked conscientiously and accu-rately – he would make no error on this order. Nevertheless, in the pauses between confirmation responses from the planning system, his concentration did allow for split-second interruptions (little dreamy flashes of tropical nature). Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 15It happened on the third to the last order line confirmation:\n",
      "In the middle of an order, a dialog box appeared on his screen! Some gibberish about “RFC con -\n",
      "nections failure” and “gateways”; he hit the Enter key again and the dreaded hourglass appeared. Something in the system had failed, leaving him with an unconfirmed and incomplete order and no idea on how he could proceed.\n",
      "Now we can leave Harald, sweating in despair, in desperate debate with the help desk assuring \n",
      "him that they are working on it while his potential customers begin tense conversations on their mobile phones, making detailed notes and eyeing the wall clock.\n",
      "Or …\n",
      "We can give Harald a break and provide him the system described in the rest of this document. \n",
      "In this case, he only needs to keep calm, perhaps offer coffee – and provide some friendly dis -\n",
      "traction. He can be confident that regardless what may have happened, the system will be back within two to three minutes. He can then continue exactly where he was interrupted, and com -\n",
      "plete those last few order lines.\n",
      "Let us be kind to Harald and say his company can meet the deadline and the 62 Jacuzzi baths are \n",
      "confirmed with guaranteed delivery from various locations. Let this company make its name as a reliable supplier with this large construction firm, and let Harald earn the commission of his young life. As this is fiction, we can easily do this. Nevertheless, this is a realistic and possible sales scenario. \n",
      "Sales order entry\n",
      "1.Select a product & quantity\n",
      "2.Verify availability\n",
      "3.Select a Product & Quantity\n",
      "Comm it OrderERP\n",
      "Available-to-promise  and\n",
      "Temporary Quantity Reservation  \n",
      "Confirm order quantity reserve TQSCM\n",
      "Commit temporary quantity reservations\n",
      "Confirm and plan resource requirementsStart\n",
      "SCM central services failure\n",
      "SCM database failure\n",
      "SCM SAP liveCache failureHarald\n",
      "MaldivesOrder\n",
      "Complete\n",
      "Figure 5.1 A day in the life Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 16We can replace Harald’s dilemma with of number of integrated supply chain scenario from sales \n",
      "to service parts planning.\n",
      "Short of collecting a commission and going off to the Maldives, the team writing this document \n",
      "assumed the part of Harald and went through these same steps to prove the speed of the infra -\n",
      "structure recovery and the business process recoverability provided by the integrated order entry and logistics system using SAP ERP and available-to-promise functionality in SAP APO. \n",
      "The team successfully completed the open order with business process consistency despite inter -\n",
      "vening database failure, SAP liveCache failure, server failure, storage failure. and various combi -\n",
      "nations thereof.  The target of this proof of concept is to provide an end-to-end high- availability \n",
      "system and demonstrate the application benefits such an infrastructure can provide.\n",
      "6 Proof of Concept Scope\n",
      "The proof of concept covers the design and implementation of a high-availability SAP APO sys -\n",
      "tem on a POWER7 processor-based server using infrastructure virtualization (PowerVM). The design of the infrastructure is intended to allow full access to functionality, such as Live Partition Mobility (LPM). For this purpose, the entire solution stack is based on virtual I/O (VIO).  Virtual I/O is a functionality that implements an abstraction layer between logical partitions being used as servers, and the physical I/O components of the machine. VIO Servers are special logical partitions (LPARs) that own the physical hardware adapters and provide the mapping of virtual adapters to physical adapters. Virtual adapters and devices are made available by the VIO Server to the server LPARs. This abstraction layer allows multiple server LPARs to use the same physical I/O adapter.\n",
      "A highly available cluster solution will require redundant I/O adapters, and alternative paths to \n",
      "the network and the storage systems. The number of adapters in any physical server is limited and dedicated redundant I/O adapters per LPAR may quickly exhaust this limit. VIO functiona-lity, therefore, provides a very cost- effective solution for I/O redundancy. Redundant I/O paths are implemented in the VIO level and can be used by all logical partitions within the system. VIO provides infrastructure flexibility, as additional LPARs can be added to the system without regard to the number available I/O slots, as there need be no requirement for additional I/O adapters. The VIO approach is also cost effective, as the number of hardware adapters (and the subsequent number of administered LAN and SAN ports) is kept to a minimum since hardware redundancy and the network and SAN access paths are implemented only once and then shared.\n",
      "The middleware and mission critical SAP components (databases, central services, and SAP \n",
      "liveCache), are implemented as separate high-availability cluster solutions to demonstrate the building blocks that are available and the strengths of each solution. As SAP APO has a load pro -\n",
      "file that greatly benefits from processor sharing between components, the system is implemented on micropartitions in a shared processor pool. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 17SAP E RP EHP4    \n",
      "Master Data and \n",
      "Order Entry ATP\n",
      "Available-to-promise \n",
      "(ATP) driven from \n",
      "ERP via SCM for \n",
      "planning in SAP liveCacheSAP S CM 7 Central Services \n",
      "Enq & Msg Servers, \n",
      "DialogSAP S CM 7 SP6 APO       \n",
      "APP Server for Batch \n",
      "Demand Planning\n",
      "SAP S CM 7 Central Services \n",
      "Replicated Enq,  Dialog\n",
      "DB2 HADR 9.7                    \n",
      "Primary                     \n",
      "Tivoli SA MPDB2 HADR 9.7                      \n",
      "Standby                    \n",
      "Tivoli SA MP  \n",
      "SAP li veCache 7.7.07                      \n",
      "Primary                    \n",
      "PowerHASAP li veCache 7.7.07                      \n",
      "Standby               \n",
      "PowerHAPower7 System 2 Power7 System 1\n",
      "Figure 6.1:  Overview of the cluster building blocks and the application components\n",
      "The clusters were tested for a number of conceivable failures discussed and agreed with the \n",
      "T echnical Steering T eam made up of client teams and customer architects.\n",
      "T wo application scenarios were selected to drive the proof of concept at application level. These \n",
      "include the ATP check coming from order creation in SAP ERP (similar to the order creation in service parts management functionality) and a batch planning load represented by demand plan -\n",
      "ning functionality. The application server for the batch demand planning jobs is not clustered, as multiple application servers can be configured and therefore the application server represents no single point of failure (SPOF). In the case of a component failure (database, SAP SAP liveCache, or application server), the batch jobs will need to be restarted. The jobs can normally be restarted as soon as the failed component is recovered and therefore, for batch, the focus is on the speed of component recovery. For ATP , the focus is on recovery of the application and continuous availa -\n",
      "bility. For both, the target is availability and data consistency.\n",
      "6.1\t Application\tscope\tand\tgoals\n",
      "This section describes the business processes used to test the infrastructure from the application level. The goal was to test the response of the application to various failover situations and un -\n",
      "derstand the impact on the business. For this purpose, common scenarios were selected and the approach described in detail to make the results easy to map to the normal production business. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 186.1.1 Demand planning in SAP APO\n",
      "The demand planning scenario used for these tests is taken from the standard benchmark for \n",
      "SAP APO. The benchmark scenario was updated for SCM7 by the SAP sizing and performance team for use in these tests and for reverification of the SAP APO sizing for systems running in a virtualized landscape. \n",
      "For demand planning, the tests performed under load refers to the load generated by 16 parallel \n",
      "demand planning jobs with a total throughput of around 480,000 character combinations per hour at aggregate level.\n",
      "2\n",
      "ABAP\n",
      "Process\n",
      "Demand\n",
      "PlanningABAP  \n",
      "DataBase\n",
      "SAP l ive\n",
      "Cache & \n",
      "DCOM\n",
      "ABAP  \n",
      "DataBase\n",
      "Figure 6.1.1.1: Process flow between SAP work process and the two databases\n",
      "Demand planning test caseIn the proof of concept, demand planning is used to simulate all three of the major batch scena -\n",
      "rios (demand planning, supply network planning, and production planning and detailed schedu -\n",
      "ling) as they have similar behavior profiles. They are all back ground batch jobs running entirely within SAP SCM. For these load tests, demand planning is started in massive parallel, and during the batch run, component failures are initiated.\n",
      "The demand planning batch jobs run entirely within the SAP SCM system, within the batch ap -\n",
      "plication server. In this case, there is only limited traffic between the batch application server and \n",
      "either the enqueue server or the message server. The traffic is primarily between the application server and the two databases: the ABAP database (DB2 HADR) and SAP liveCache. \n",
      "Figure 6.1.1.2 shows the traffic between the batch application server and the cluster pairs \n",
      "through the cluster service IP addresses.\n",
      "2 This load is simply a representative load using a portion of the total machine resources. This is neither an SAP \n",
      "SCM benchmark result, nor an indication of any possible high-load achievement. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 19SAP li veCache Standby SAP li veCache PrimaryBatch Application ServerSAP CentralServices  Standb y\n",
      "Rep-ENQ, msg-server\n",
      "SAP\n",
      "LiveCacheLC_ip\n",
      "Data base PrimaryData baseStandb ySAP CentralServices  Primary\n",
      "Rep-ENQ, msg-server\n",
      "DB2DB_ipCS_ip\n",
      "Figure 6.1.1.2: Overview of the cluster communication for demand planning\n",
      "Key performance indicators (KPIs)3\n",
      "The batch jobs are expected to cancel in the case of a component loss. They should not hang or \n",
      "continue processing with invalid results. They should be in the state to restart processing im-mediately the failed component has been recovered. Consistency checks should not indicate any inconsistency other than a possible redundant time series. It is acceptable for the KPI that such inconsistencies are found in the time series as a result of the failure. These are time series that have no related information in the database but in no way effect the quality of the results of the planning run. These “orphaned” time series do nothing more than waste a bit of memory. Our  reference contacts in production planning operations confi  rmed that clean up of the time series  is done periodically (outside the critical time window) as general practice to recover any memory.  The consistency verifi  cation routines were used periodically throughout the project to ensure that no other inconsistencies occurred.\n",
      "The current KPI for complete recovery in preparation for a restart is less than or equal to fi  ve \n",
      "minutes.\n",
      "Following a failure under demand planning load, the system should be able to restart (with ope-\n",
      "rator intervention or job scheduling) the batch jobs within fi  ve minutes with data consistency.\n",
      "Batch Active\n",
      "Node failure - SAP li veCach e \n",
      "SAP li veCach e ser vice onlingBatch canceled\n",
      "Batch restarted2-3 min\n",
      "Figure 6.1.1.3: KPI for demand planning recovery\n",
      "In fi  gure 6.1.1.3, the component failure can be SAP central services, the DB2 HADR database, or SAP liveCache. \n",
      "3 Indicators used to measure success. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 206.1.2 SAP ERP ATP check using SAP SCM\n",
      "The ATP check in SAP APO is used to ensure that delivery dates can be met before an order is \n",
      "confi  rmed. ATP functionality exists in SAP ERP as well, but it is not as rich as that provided by SAP APO. ATP in SAP APO provides the following benefi  ts:\n",
      "• Prevent overcommitment\n",
      "• Manage backorders\n",
      "• Enable search in multiple locations (global ATP)\n",
      "• Automate a manual process\n",
      "• Reduce the amount of time taken to process an order\n",
      "• Provide visibility of your sales commitments for every material for which an ATP check is performed, regardless of the results\n",
      "• Provide additional information to production beyond a forecast\n",
      "• Allow customers to be prioritized and realign commitments of a constrained product when necessary\n",
      "1\n",
      "2\n",
      "45\n",
      "36Sales Order Entry\n",
      "1.   Select a product & quantity2.   Verify availabilityConfirm OrderSAP E RP SAP SCM ATP\n",
      "Create sales\n",
      "order\n",
      "Enter business\n",
      "partner\n",
      "Confirmedquantities and\n",
      "Price conditions are\n",
      "determined\n",
      "Save the sales\n",
      "order\n",
      "Trigger credit check\n",
      "Update with credit\n",
      "check information\n",
      "Export compliance\n",
      "checks\n",
      "   Sales order is\n",
      "   createdPerform credit\n",
      "Accounting update\n",
      "and credit limitupdate\n",
      "Uncheckeddelivery iscreatedCustomerrequirement isupdatedCustomer\n",
      "requirement iscreatedEnter product\n",
      "and quantity\n",
      "ATP , e.g. system \n",
      "checks availability, determines the route and schedules the order lines\n",
      "Figure 6.1.2.1:  Overview of the SAP ERP order creation process with ATP to SAP SCM\n",
      "The ATP check for order entry begins in either SAP CRM or SAP ERP and accesses the sup-\n",
      "ply chain management planning of SAP APO through a remote function call (RFC) as part of the transaction. Figure 6.1.2.1 is an overview of the order creation process. An ATP check can be run for each order line of the customer order as necessary, and each check results in an RFC  exchange between SAP ERP and SAP APO. This process is shown in more detail in the fi  gu-re 6.1.2.1, but important to note is that if the SAP APO system is not available, the ATP check  cannot be completed with confi  rmation. Orders can then only be created without the assurance of the ATP confi  rmation, and without product or materials reservation – this is a major depre-ciation in quality.  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 21Therefore, one of the major objectives of this proof of concept is to ensure that SAP APO is the-\n",
      "re, and that this process chain is not broken by a failover of any of the components.\n",
      "Figure 6.1.2.2 shows the actual multiple logical units of work (LUW) of the business process for \n",
      "ATP . This process spans four LUWs. The fi  rst LUW is the driving process which is creating the order and talking to the SAP GUI. The second is the RFC process created on SAP APO and tracked through the transaction identifi  er (trguid) exchanged between SAP ERP and SAP APO. The third is the booking process that asynchronously updated the database in SAP ERP following the order commit, and the fourth LUW is the asynchronous commit and database up-dates in SAP APO driven by the SAP ERP commit and transmitted over the queued core inter-face communication (CIF).\n",
      "SAP ER P\n",
      "Create first \n",
      "Sales OrderLUW1\n",
      "*) Saving of Sales Order\n",
      "triggers the Commit WorkInitialize \n",
      "(next order) Create next \n",
      "Sales Order\n",
      "ATP Che ck \n",
      "(next order)LUW1CIF-queu e= Start new LUW\n",
      "= End this LUWATP Che ck\n",
      "LUW3 Asynchronou s \n",
      "upda te task\n",
      "BAPI _TRANSACTION_COMMIT Commit \n",
      "Work *LUW2 \n",
      "Register  Transaction Commit  \n",
      "to be “Perform(ed) on commit”\n",
      "ERP\n",
      "APO\n",
      "LC\n",
      "APOLC\n",
      "LUW2 (TRGUID2)Write registered database updates to APO-db (technical tables)TRGUID = Transaction GUID\n",
      "POSGUID = Line Item GUID\n",
      "LUW = Logical Unit of Work\n",
      "TQA = Temporary Quantity Assignm.\n",
      "LC = SAP liveCache\n",
      "APO\n",
      "LUW4 \n",
      ".......Complete transaction update in SAP AP O \n",
      "and LC –convert TQA into order               \n",
      "reservations.LUW2 \n",
      "Register database update  \n",
      "to be “Perform(ed) on commit”SAP APO\n",
      "LUW2 (TRGUID 1)\n",
      "ATP-check in LCTQA created and \n",
      "commitedin LC directly (LDA)\n",
      "(POSGUID)\n",
      "Figure 6.1.2.2: Diagram of recoverable order creation process based on multiple logical units of work Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 22ATP test case\n",
      "In the proof of concept, the functionality of this order creation business process was the focal point for ATP verifi  cation. An order was opened and several line items confi  rmed through ATP , resulting in temporary quantities being reserved in SAP APO. Prior to the order being commited in the SAP ERP system, a component failure was initiated in the APO infrastructure, and further attempts to continue adding line items to the open order with ATP were made during the failo-ver activity. The target was to see whether the ERP side of the order process would fail or whe-ther is would be able to recover and complete the processing with APO.\n",
      "KPIs\n",
      "The ideal result is that the order process recovers and can continue, allowing the order to be completed. An acceptable result might be that the order must be reinitiated after a failure, but that the system must be available again for the next order within the recovery time set by the KPI. \n",
      "The current KPI for complete recovery is less than or equal to fi  ve minutes. This KPI was set by \n",
      "actual customer requirements.\n",
      "MaldivesStart\n",
      "Order\n",
      "Complete!Databa se fail ure!\n",
      "liveCache  Failure!\n",
      "Server Failure!ERPLC\n",
      "APO\n",
      "LC\n",
      "APOHaraldSAP ERP\n",
      "Create first \n",
      "Sales Order\n",
      "ATP checkLUW1\n",
      "*) Saving of SalesOrder\n",
      "triggers the Co mmit Work= Start new LUW LC =  SAP liveCache\n",
      "= End this LUW\n",
      "LUW2 \n",
      "Register  Transaction Commit  \n",
      "to be “Perform(ed) on commit”\n",
      "LUW3 Asynchronou s \n",
      "update task\n",
      "Initialize \n",
      "(next order) BAPI _TRANSACTION_COMMIT \n",
      "Create next \n",
      "Sales Order\n",
      "ATP Che ck \n",
      "(next order)LUW1Com mit \n",
      "Work *\n",
      "CIF-queuePer \n",
      "order \n",
      "line itemSAP AP O\n",
      "LUW2(TRGUID 1)\n",
      "ATP-Chec k in LCTQA created and \n",
      "commitedin LC directly (LDA)\n",
      "LUW2 \n",
      "Register dat abase update  \n",
      "to be “Perform(ed) on commit”(POS GUID)\n",
      "LUW2 (TRGUID 2)Write registered d atabase updates to SAP A PO-db\n",
      "(technical tables)\n",
      "APO\n",
      "LUW4 Com plete \n",
      "transaction update \n",
      "in SAP A PO and LC – \n",
      "convert TQA into \n",
      "order  \n",
      "reservations.\n",
      "Figure 6.1.2.3: Overview of the order creation process target for recoverability Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 236.2\t Summary\tof\tKPI\tresults\n",
      "The section summarizes the results that were actually achieved in the proof of concept as they \n",
      "relate to the key performance indicator goals. The results are grouped by application target and show the results of each of high-availability cluster components. The results for the high-availability hardware infrastructure are documented in the hardware section. The hardware infrastructure met its KPIs by demonstrating that failures in redundant hardware components were managed by the infrastructure design and these had no effect at ap -\n",
      "plication level – production continued without disruption or need for any recovery activity.\n",
      "6.2.1 Demand planning under load \n",
      "Formal PoC KPI: five minutes recovery of service\n",
      "Failure of HADR database: available in less than or equal to two minutes\n",
      "<1 m inBatch active\n",
      "Node failure –HADR 18:30:54\n",
      "DB2 HADR Recovered 18:31:47Batch cancelled:\n",
      "Batch restarted\n",
      "Figure 6.2.1.1: Recovery from DB2 failover after server crash\n",
      "Failure of SAP liveCache database: available in less than or equal to three minutes\n",
      "Batch active\n",
      "Node failure –SAP l iveCache\n",
      "liveCache Recovered  13:00:27Batch cancelled \n",
      "12:57:31\n",
      "Batch restarted \n",
      "13:00:403 min\n",
      "Figure 6.2.1.2: Recovery from SAP liveCache server failure\n",
      "The System Automation for Multiplatforms (SA MP) supported components (DB2 HADR and \n",
      "SAP CS) showed a faster reaction time then the PowerHA supported component (liveCache) as they are more tightly integrated with the SA MP cluster solution supporting them. In the cur -\n",
      "rent PowerHA cluster support, recognition of the loss and failover by the cluster takes somewhat longer then for the SA MP components, but remains well within the KPI. As the objective is reliability, a faster reaction time was not forced. The actual HotStandby takeover activity in SAP liveCache takes from a few seconds up to a minute, depending on the liveCache version.  The combined recovery time of liveCache and PowerHA was within the KPI. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 24Failure of SAP central services: Restored in less than two minutes\n",
      "Batch jobs in external batch application server do not fail but hang in enqueue wait until enqueue service is restored and then continue to run. The end-to-end runtime of the mass demand pl -\n",
      "anning run (for 896 seconds) was around one minute longer than the normal runtime (for 840 seconds) as result of the failover.\n",
      "Batch  active\n",
      "Node failure    \n",
      "SAP Central Services T akeo ver ~ 2 min\n",
      "Batch  survives \n",
      "Batch  completes~ 1 min longer run time than norma l\n",
      "Fig 6.2.1.3: Recovery of SAP message and enqueue server processes after server crash Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 256.2.2 Available to Promise\n",
      "SAP ERP\n",
      "Sales Order Entry\n",
      "1.Selec t a Product & Quantity\n",
      "2.Verify availabili tyATP and temporary quan tity reservation\n",
      "Confirm Order quantity –reserve TQSAP SCM\n",
      "Node failure  \n",
      "Comm it Temporary quantity reservations\n",
      "Service recovery  User gets  gateway  error \n",
      "User c an cont inue with \n",
      "consistent resu lts 1 –2 minConfi rm Order\n",
      "Figure 6.2.2.1: ATP recovery from SCM component failure\n",
      "KPI: five minutes recover to next order\n",
      "Current open order is not interrupted but is able to continue correctly to completion despite \n",
      "failover in the SAP APO infrastructure. Data integrity was achieved on both SAP APO and SAP ERP views of the completed order.\n",
      "Results\n",
      "Failure of HADR database:   Available in less than or equal to 2.5 minutes\n",
      "Failure of SAP liveCache database:  Available in less than or equal to 3 minutes\n",
      "Failure of SAP CS:    Available in less than or equal to 2 minutes Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 267 Design Components of the Infrastructure\n",
      "This chapter covers the overall design of the infrastructure used for the proof of concept and ex-\n",
      "plains the purpose of each component design. There are always many different approaches which can be taken to achieve a very similar result. The design presented, therefore, does not pretend to depict the only possible implementation route. In order to make it easier for other implemen-tation teams to modify the design, for reasons dictated by their own requirements, the team has tried to present the options, the choices made, and the reasons for the options selected.\n",
      "7.1\t Infrastructure\tscope\tand\tstack\n",
      "This section introduces the solution design, and maps the infrastructure components into the end to end design. It explains why the component stack used in the proof of concept was selected. No proof of concept can cover every eventuality and therefore it is important to defi  ne what was used, why it was selected, and what the dependencies are.\n",
      "Infrastructure solution stack\n",
      "DS800 0 SVCDB2 HA/DR        \n",
      "SAM PDB2 HA/DR \n",
      "PowerHASAP central services S AMP SCM  CS PowerHA\n",
      "SAP li veCache\n",
      "PowerHASAP li veCache\n",
      "PowerHAHeterogeneous stack Homogeneous Stack\n",
      "Figure 7.1.1: Overview of component stack\n",
      "The scope of this proof of concept addresses the cluster component combinations shown in fi  gu-re 7.1.1. SAP central services (replicated enqueue and message server failover) are supported by both cluster solutions (PowerHA and Tivoli SA MP) and are in production in many sites today. \n",
      "DB2 HADR and SAP central services are supported by Tivoli System Automation for Multiplat-\n",
      "forms in a close integration with SAP . SA MP is available as part of the installation kit for SAP software.\n",
      "PowerHA or IBM HACMP™ for AIX is a very mature AIX clustering solution that has been a \n",
      "standard in AIX-based SAP implementations for many years. Due to the fl  exibility of HACMP , and its longevity in the market, there are implementations in production for all SAP components that require high-availability functionality, including SAP central services and DB2 HADR.  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 27The target of this project is to address both cluster functionalities, and thereby support the major \n",
      "customer base, with the exception of SAP liveCache. The SAP liveCache solution is new and is a feature of AIX PowerHA (HACMP). Nevertheless, the SAP liveCache solution can be combined with the other building blocks using System Automation for Multiplatforms to build the comple -\n",
      "te HA stack in a heterogeneous environment. PowerHA can also be used to implement the entire stack in a homogenous environment. \n",
      "Both the homogeneous PowerHA stack and the heterogeneous SA MP with PowerHA stack is \n",
      "covered in this proof of concept.\n",
      "The IBM implementation of SAP liveCache with HotStandby is based on FlashCopy technology \n",
      "and initially supports the IBM storage servers DS8300 and San Volume Controller. The DS8300 is supported using its native interface and functionality directly. For other SAN storage, the SAN Volume Controller (SVC) provides the interface and offers additional flexibility and extended HA functionality. Via the SVC, any available SAN storage can be supported. With this initial combination it is possible to support the majority of the current SAP APO installed base in one way or the other with a high quality solution.  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 287.1.1 Logical landscape \n",
      "Figure 7.1.1.1 shows the logical landscape design used for the proof of concept. The high-availa-\n",
      "bility design is focused on the components dedicated to SAP SCM APO. File sharing is typically provided by a highly available Network File Server (NFS functionality) that provides generally for the systems within an SAP landscape rather than a single SAP system. There are a number of different highly available NFS solutions that are commonly in use. For this reason, the proof of concept assumes that an external HA NFS is available and shared by the SAP SCM system. Another common implementation design is to place the NFS fi  le systems under the control of the SAP central services cluster solution.\n",
      "CS IP Alias\n",
      "all/sapmnt\n",
      "/usr/sap\n",
      "/trans\n",
      "/archive\n",
      "./db2 \n",
      ".sapdbSaprouter\n",
      "3900\n",
      "NFSLandsc ape admin,  NIM & NFS\n",
      "SAP central services SAP central services\n",
      "database-primary database-standby\n",
      "SAP liveCache-master SAP liveCache-standbyDB2-A  HA/DR  EnQ, Msg\n",
      "HLC1a   liveCacheClient Network\n",
      "RFC\n",
      "Internal NetworkSAP E RP S ystem with \n",
      "ATP\n",
      "SAP S CM Batch Apps\n",
      "SAP S CM Batch Apps\n",
      "DB2-B  HA/DR  Rep ENQ, \n",
      "HLC2a   liveCache\n",
      "SAP SCM ClustersSAP SCM Clusters- Msg\n",
      "Figure 7.1.1.1: Overview of the logical landscape design with two networks and external NFS used for the proof of concept\n",
      "Best practices for SAP installations normally see a separation between the client network and the backbone network. The backbone network connects the components of an SAP landscape – ap-plication servers to the databases, SAP ERP to SAP APO and so on. The backbone networks are typically high-capacity networks with few hops. Separating the client network from the backbone is also done for security purposes; logged in users cannot directly access a database or a server. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 29The active SAP message server is reached through the IP Alias for the SAP central services clus -\n",
      "ter. The access between SAP ERP and SCM is by means of a remote function call (RFC) port, \n",
      "configured to the IP alias.  \n",
      "The SCM batch application server is not part of a cluster as applications servers do not repre -\n",
      "sent single points of failure. Multiple applications servers can be configured for online users and \n",
      "batch. For the proof of concept, a single large batch application server is used as a single server is sufficient to understand the effects of various failures on the batch load.\n",
      "7.1.2 Server infrastructure\n",
      "The infrastructure is based on IBM Power® servers using PowerVM to take advantage of the \n",
      "many benefits of this server infrastructure for HA. Both, POWER6 and POWER7 processor-based servers were used in the functional testing to ensure the solution for the current install base \n",
      "as well as for those SAP SCM systems moving to newer hardware. The proof of concept focused \n",
      "on the SAN Volume Controller for storage testing as the SAN Volume Controller provides a \n",
      "wider scope of functionality, and therefore, a broader scope, as well as the broader requirement for testing. \n",
      "In the proof of concept, the back-end SAN storage was provided by various IBM SAN storage \n",
      "systems including the IBM XIV\n",
      "® Storage System. The SAN Volume Controller was used to \n",
      " provide the FlashCopy functionality and the additional resiliency of storage mirroring across \n",
      "multiple storage servers. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 307.2\t High-availability\tinfrastructure\tdesign\ton\tPower\tservers\t–\tthe\tbasis\t\t\n",
      "This section describes the design of the hardware infrastructure used to achieve high availability \n",
      "though redundancy of I/O paths. The target is to avoid interruption to the application levels as far as possible, insofar as the hardware design can cover the failure. The infrastructure design is built using PowerVM virtual I/O to enable the actual redundancy in hardware components to be implemented one time and used by all upstream logical partitions (LPARs). This reduces the cost and complexity of the redundant hardware implementation.\n",
      "7.2.1 Design overview – storage  \n",
      "This design delivers redundant storage access paths such that any component of the access chain can fail without disruption to the application.\n",
      "Following design rules are used to ensure continuous availability Physical storage\n",
      "The actual storage provided through the storage server is configured using redundancy such as RAID, or other protection mechanisms which ensure availability despite the failure of physical disks. The proof of concept used both RAID5 in the enterprise storage servers (IBM System Sto -\n",
      "rage DS8300 systems) and data redundancy provided by the IBM XIV\n",
      "® Storage System. In either \n",
      "case, the failure of a single disk has no impact to the data availability.\n",
      "Storage server\n",
      "T o prevent data loss in case of the fail of a storage system, the data will be mirrored to two sto -\n",
      "rage systems. This functionality comes with the SAN Volume Controller.\n",
      "The disk from the storage systems will be grouped into two different managed disk groups (also \n",
      "called MDisk groups). The virtual disks were created as mirrored disks from both MDisk groups, so that the virtual disks are mirrored over two storage systems. In case of a storage system failure, the operation continues with the remaining copies.\n",
      "The SAN is divided into two fabrics and every storage component is connected to both fabrics. \n",
      "In case one fabric goes down, the traffic continues to flow over the other fabric.\n",
      "The SAN Volume Controller is a highly-available storage solution because it is a cluster of a mi -\n",
      "nimum of two nodes. In case one node fails, the second node takes over the traffic.There are two VIO Server partitions on each physical system, which are connected to both of the \n",
      "SAN fabrics. On the client partitions, the AIX integrated multipath I/O device driver takes over the path failover activities. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 31Parts of the storage layout in this design are:\n",
      "SAN\n",
      "VIO1 VIO2SAN\n",
      "LPARSVCStorage\n",
      "storage subsystems \n",
      "SAN fabricsSAN Volume Controller\n",
      "(implementing storage virtualization)\n",
      "VIO Server\n",
      "LPAR supporting the application\n",
      "Figure 7.2.1.1: Redundant I/O design for storage\n",
      "Figure 7.2.1.1 shows the logical stack that connects the logical partitions that house the appli-\n",
      "cations to the storage components that house the data. This stack is implemented using virtual I/O and redundant paths for high availability. The SAN fabric, which appears in two layers in the diagram, will normally be the same SAN fabric, although it need not be. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 327.2.2 Native storage design\n",
      "Design with one storage system\n",
      "In a native storage design with one storage subsystem, the disk storage is provided by one sto-rage system and the FlashCopy functionality is between LUNs (logical disks) located on a single storage server.\n",
      "SANVIO1 VIO2\n",
      "Storage1LPAR\n",
      "Figure 7.2.2.1: Overview of single storage server access\n",
      "In a “native storage design” (no SVC storage virtualization layer – disks directly attached to the virtual I/O servers)  with two storage servers, the mirroring of the disks from both storage sys-tems could be done at LPAR level with AIX logical volume mirroring (LVM).\n",
      "This can be done for the databases and other high-availability components, but not recommen-\n",
      "ded for SAP live Cache with Hot Standby. As the data in a Hot Standby is refreshed by means of a storage level FlashCopy, the OS level LVM would not see the refresh happen. Hot Standby, for direct attached disks, is based on FlashCopy within a single storage subsystem. The solution does not span two storage subsystems and is not able to initiate orchestrated FlashCopy over two sto-rage servers as would be necessary.  The solution is single storage server, single site only for SAP liveCache with HotStandby, which also means that the storage subsystem becomes a single point of failure. This challenge is solved with the San Volume Controller and storage virtualization.\n",
      "The disadvantage of a single storage subsystem implementation is that, in case of a storage server \n",
      "failure, both FlashCopy source and target are affected. This would have the greatest impact on the SAP liveCache as the HotStandby uses FlashCopy to generate the data redundancy. DB2 HADR is able to span storage servers at application level. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 33Design with two storage subsystems\n",
      "LPAR\n",
      "VIOS1 VIO2\n",
      "Storage2 Storage1SAN\n",
      "Figure 7.2.2.2: Overview of design spanning storage servers\n",
      "In a native storage design (without SAN Volume Controller storage virtualization layer), the \n",
      "disks are directly attached to the virtual I/O servers. This will allow data to be mirrored over two storage servers from the LPAR level using AIX Logical Volume Mirroring (LVM).This can be done for the databases and other HA components, but is not supported for the SAP liveCache with HotStandby. The HotStandby uses FlashCopy, and an implementation that spans multiple storage servers will require FlashCopy functionality that also spans multiple storage ser-vers. The HotStandby solution is not able to initiate an orchestrated FlashCopy over two storage servers as would be necessary. This functionality does not yet exist for direct attached disks, even through the VIOS virtualization layer. Therefore, for directly attached disks, the SAP liveCache solution is a single storage server and single site only with HotStandby. This challenge is solved with the SAN Volume Controller. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 347.2.3 Virtualization benefi  ts of SAN Volume Controller \n",
      "The SAN Volume Controller can attach to multiple storage subsystems and is able to mirror \n",
      "storage over multiple servers. As the SAN Volume Controller is also implemented as cluster for its own redundancy requirements, this solution will allow the critical storage components to be mirrored on multiple storage subsystems in multiple sites.\n",
      "The disadvantage of a native storage design can be overcome by the additional virtualization \n",
      "layer provided by the SAN Volume Controller. \n",
      "Figure 7.2.3.1 shows storage coming from multiple storage ser-\n",
      "vers. The storage has been organized into storage pools based \n",
      "on storage subsystem boundaries. The virtual disks that are \n",
      "presented to the VIO Servers are created in one storage pool \n",
      "and then mirrored to the second pool such that each copy is on \n",
      "a separate storage subsystem. The failure of a complete storage subsystem should not cause interruption to the application as the data is still available. Root volume groups and other opera-\n",
      "ting system level requirements must also be redundant in order \n",
      "for the LPAR to survive loss of access to a single storage sub-\n",
      "system. In the proof of concept, the operating system volumes were also mirrored across SVC storage pools.\n",
      "As the SAN Volume Controller is also the focal point for the \n",
      "FlashCopy activity, the FlashCopy will also be refl  ected in the \n",
      "copies without requiring any effort from the  SAP liveCache with HotStandby solution. A FlashCopy from source to target updates the target disk and if this disk is mirrored, then the \n",
      "mirror of the target disk is also updated.vscsi vscsiLPAR\n",
      "VIO1 VIO2\n",
      "SVC\n",
      "Storage1SANSAN\n",
      "Storage2\n",
      "Figure 7.2.3.1: Storage design with VIO and SAN Volume Controller (using virtual SCSI)\n",
      "The FlashCopy operations are performed with virtual disks so that the handling is easier and \n",
      "storage system independent from the FlashCopy level.\n",
      "Storage2 Storage1 Storage2 Storage1SVCFlash copy in SVC\n",
      "SANSANVIO Server VIO Serv er\n",
      "Figure 7.2.3.2: FlashCopy via the SAN Volume Controller Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 357.2.4 Virtual SCSI versus N Port-ID Virtualization (NPIV)  \n",
      "There are two different methods of distributing the disks from the storage system or the SAN \n",
      "Volume Controller over the VIO Server to the client LPARs.\n",
      "LPAR\n",
      "VIO1 VIO2\n",
      "SVC\n",
      "Storage2 Storage1SANSANvscsi vscsiVSCSI (virtualdisk)\n",
      "LPAR\n",
      "VIO1 VIO2\n",
      "SVC\n",
      "Storage2 Storage1NPIV (Virtual Adapter)\n",
      "SANSAN\n",
      "Figure 7.2.4.1: virtual disk or virtual adapter\n",
      "Until the advent of NPIV capabilities, virtual SCSI (VSCSI) was used. Using VSCSI, the disks from the storage subsystem are attached to the VIO Servers and mapped (using PowerVM func-tionality) as SCSI disks to the LPARs. In this confi  guration, the VIO Server provides the binding of the physical disk capacity provided by the storage server to the client LPAR.AIX Multi-Path I/O (MPIO) drivers on the client LPAR are used to recognize and manage the multiple access paths to each storage LUN.  In the case of dual VIO Servers, as depicted in fi  gure 21, there will be two paths to the same VSCSI disk (one per VIOS). \n",
      "The disadvantage of this design is the relatively complex handling – the mapping that must be \n",
      "confi  gured for each disk. Despite having two paths, access is not load balanced but will select a preferred path. \n",
      "One benefi  t of this confi  guration is that the zoning in the SAN is only between the storage ser-\n",
      "vers and the VIOS. The LPARs do not require specifi  c SAN zoning themselves. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 36With a new generation of FC controllers, new functionality can be used to implement this as -\n",
      "signment of disk to LPAR through VIOS using virtual fibre channel adapters; NPIV rather than \n",
      "VSCSI.\n",
      "The, N_Port ID Virtualization (NPIV) is a fibre channel functionality allowing multiple N_Port \n",
      "IDs to share a single physical N_Port. This allows multiple fibre channel initiators to occupy a single physical port.  \n",
      "With that the physical SAN can be extended over a virtual SAN and virtual FC adapters can be \n",
      "assigned to the client LPAR. The client LPAR can now directly access the storage subsystem and the disks can be assigned directly to the LPAR.  The advantage of this method is an easier assignment of disks to the client LPAR. All disks assig-ned to the virtual adapter address can be seen immediately by the LPAR – they do not need to be defined in VIOS. Additionally, this access method implements load balancing over the multiple paths, spreading the I/O over the virtual adapters and thereby over the multiple VIO Servers.\n",
      "For this solution, the LPARs must participate in the SAN zoning, which increases the zoning \n",
      "complexity to a certain extent.\n",
      "Using NPIV , the SDDPCM multi-path driver is recommended. The proof of concept on AIX \n",
      "6.1 used SDDPCM 2.6.03. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 377.2.5 Results of storage component failure\n",
      "T o verify the design’s ability to meet the application-level requirements, the following tests were \n",
      "done under application load (batch demand planning).\n",
      "Failure of a VIO Server\n",
      "The VIO Server LPAR may fail, or more likely, the VIO Server may require scheduled mainte-nance. This test was used to prove that a VIO Server can be stopped (or fail) without causing any disruption to the application. In this case, the partner VIO Server is expected to assume the load and continue in un-interrupted production.\n",
      "Result was a short I/O suspend of some seconds for the takeover and no impact on the  application.\n",
      "LPAR\n",
      "VIO1 VIO2\n",
      "SVC\n",
      "Storage2vscsi vscsi\n",
      "Storage1SANSAN\n",
      "Figure 7.2.5.1: Reaction to the failure of a VIO Server Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 38Failure of a SAN fabric or a FC controller\n",
      "A FC controller, SAN connection, and even a complete SAN switch can fail, or a section of the fabric may be removed for scheduled maintenance purposes. In such cases, the I/O should be rerouted through the red-undant path on each of the VIOS and the application should not be affected. The multipath environment should continue production I/O without interruption.\n",
      "The result for such a failure in the proof of concept \n",
      "was only a short I/O suspend of some seconds, with no impact to the Demand Planning application running in parallel batch.i\n",
      "SANvscsi vscs\n",
      "SANLPAR\n",
      "VIO1 VIO2\n",
      "SVC\n",
      "Figure 7.2.5.2: Reaction to the failure of a SAN switch or fabric component\n",
      "Failure of a complete storage systemIt may be possible that one of the storage systems might fail or might need to be stopped for maintenance purposes.In this case, the mirroring function of the SAN Volume Controller ensures that the data remains available and production can continue.\n",
      "i\n",
      "SANvscsi vscsi\n",
      "SANLPAR\n",
      "VIO1 VIO2\n",
      "SVC\n",
      "Figure 7.2.5.3: Reaction to a storage server failure in a mirrored storage design Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 397.2.6 Design overview – network\n",
      "The TCP/IP network design done for the high-availability infrastructure implements the same \n",
      "approach as was done in support of the storage area network. The dual VIO Servers provide red-undant paths from the LPARs to the network.\n",
      "The network is expected to consist of redundant switches, and each network adapter connected \n",
      "to a different switch. With this confi  guration, a switch, a cable, an adapter and even a VIO Server can fail without disrupting network access for the application.\n",
      "HypervisorDB HADR SAP central services\n",
      "SAP liv eCache\n",
      "VIOS1\n",
      "VIOS2HypervisorHypervisorHypervisorDB HADR SAP central services\n",
      "SAP liv eCache\n",
      "VIOS1\n",
      "VIOS2WAN\n",
      "Back-\n",
      "bone\n",
      "Figure: 7.2.6.1 Overview of the logical network\n",
      "The network connection for the systems is provided by two networks, one internal (SAP back-bone network) and the other external (maintenance network). The maintenance network is protected from external access through a fi  rewall, and is used for administration access and for backup traffi  c.\n",
      "Both, the internal and the external networks are routed within the Power systems through the \n",
      "IBM Power Hypervisor as virtual networks. These two virtual networks are connected to the virtual networks on the second Power system over a physical connection to the network switches. In this case, when all primary servers are on one machine, all application traffi  c is routed through virtual network and the hypervisor. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 40If a component fails and its service is moved to the standby servers on the second Power system, \n",
      "traffi  c between the application components will then transverse the physical network as well.\n",
      "LPARLPAR\n",
      "LPARLPARVIO1 VIO2ExternalNetwork\n",
      "Backbone Network\n",
      "LPARLPAR\n",
      "LPARLPARVIO1 VIO2\n",
      "System 1 System 2\n",
      "Figure 7.2.6.2: Internal and external network design over Hypervisor Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 41Design for shared Ethernet adapter failover\n",
      "Company EthernetVIO1 VIO2\n",
      "Control\n",
      "ConnectionLPAR\n",
      "VirtualEthernet\n",
      "Dual Path\n",
      "Figure 7.2.6.3: Multiple paths for the virtual Ethernet\n",
      "The LPAR automatically recognizes a virtual Ethernet adapter in the same way as it a physical \n",
      "Ethernet adapter. In the view of the application levels above, the virtual adapter is a physical ad -\n",
      "apter. A virtual adapter however has the benefit of providing multiple paths over the VIO Servers and over more than one physical adapter. This virtual Ethernet is connected through both VIO Servers and therefore it has two paths. On each of the VIO Servers there is a bridging device between the virtual and a physical Ethernet. This bridging device, also called a shared ethernet adapter (SEA), is set up as a failover SEA and a control connection is created between the two VIO Servers. The control connection coordinates the failover response.\n",
      "A priority is assigned to each the SEA, so there is a primary and a secondary SEA. In normal \n",
      "operations, the traffic goes over the primary SEA and in case of a failure; the secondary SEA will take over. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 42Design with network interface backup in the client partition\n",
      "An alternative method for an Ethernet connection through two VIO Servers is the network interface backup in the client partition. In this case, two virtual Ethernets are created, one per VIO Server. These two virtual networks both have a connection port to the client LPAR and the LPAR sees two Ethernet interfaces. The client LPAR uses two virtual Ethernet adapters to create a network link that consists of one primary adapter and one backup adapter, the same method as used to bundle physical adapters in the past.\n",
      "The interface is defined on the network link. If the primary adapter becomes unavailable, the \n",
      "network interface backup switches to the backup adapter. The failover action takes place on the LPAR in this implementation rather than at VIO level. This method makes the network configu -\n",
      "ration somewhat more complicated, and as also only one network path is used at any given time (no load balancing), it provides no obvious advantage to the SEA failover. \n",
      "For this reason, the simple SEA solution was selected for the proof of concept.\n",
      "Company EthernetVIO1 VIO2LPAR\n",
      "2 Virtual EthernetNetwork Link\n",
      "Each single path\n",
      "Figure 7.2.6.4: Multiple paths using link aggregation \n",
      "For the proof of concept it is beneficial that the load is either following one route or the other, \n",
      "but not load sharing over both. This makes the response to a failure easier to track and the shift of load from a failed path to a failover path easier to depict. A consideration for high-availability system, however, would be the effect of the consolidated data volume following a failover. If load balancing were active in the normal state, then a failure of a path would reduce the available capacity by half which may have unpredictable results on the application behavior. The volume would suddenly be all focused over one path. If the system is always working with one path or the other, then a bottleneck in capacity will be visible and need to be addressed, but it will not be hidden. A failover will not change the behavior in any unexpected way, which could be the case when the normal production capacity is suddenly halved. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 437.2.7 Results of a network component failure \n",
      "The following tests executed in the proof of concept to verify the stability of this solution. In \n",
      "each case, the application continued operations without interruption to any of the high-avai -\n",
      "lability cluster pairs, without disruption to the (heartbeats) or between the components of the SAP systems (application server to databases). The 16 batch demand planning load was used for verification. \n",
      "Control\n",
      "Connection\n",
      "Company  EthernetControl\n",
      "Connection\n",
      "Company  EthernetLPAR\n",
      "Virtual Ethernet\n",
      "VIO1 VIO2Failure of a VIO ServerThere are possibilities for VIO Server to fail or a planned downtime to occur.\n",
      "The SEA of the second VIO Server is informed over the \n",
      "control connection that the partner SEA is not operating and takes over the function.\n",
      "In these tests, the failover was so fast; we were unable to mea -\n",
      "sure any outage of the network connection. The tools used are \n",
      "limited to one-second intervals.\n",
      "Figure 7.2.7.1: Failure of a VIO Server\n",
      "Control\n",
      "Connection\n",
      "Company  EthernetControl\n",
      "Connection\n",
      "Company  EthernetLPAR\n",
      "Virtual Ethernet\n",
      "VIO1 VIO2Fail of a Physical Network ComponentA physical network component, such as a switch or a cable connection of the physical network can fail. In such a case, the SEA of the second VIO Server is informed through the con-trol connection that the SEA on the partner is not functioning and takes over the service.\n",
      "Figure 7.2.7.2: Failure of a network fabric component Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 44Test results\n",
      "The next few graphics show the results from some of the VIO Server failure tests. The red lines \n",
      "show the point of failure and the green lines show the return of the VIO Server. These graphs come from NMON\n",
      "4 measurements done for a time interval of fi  ve seconds. These graphs in fi  -\n",
      "gure 7.2.7.3 show the view of ongoing activities as seen from the HADR primary database LPAR.\n",
      "Figure 7.2.7.3: NMON views of I/O component failover\n",
      "Failure of a VIO Server with the active network connectionThe disk activity graph, in fi  gure 7.2.7.3, shows that the disk I/O stalled for a few seconds after the failure, before I/O service was recovered. There was no interruption to application produc-tion which was running demand planning batch jobs.\n",
      "The network traffi  c (network I/O graph) drops because this traffi  c is driven by the application \n",
      "and if the application is waiting on disk I/O, it does not generate network traffi  c. However, the network traffi  c did not actually stop at any time. \n",
      "4 NMON is a performance measurement and recording took that is native on AIX. It records a large number of system metrics at set intervals and provides an spreadsheet analysis tool. One highlight of NMON is its ability to graph multiple metrics across the same time axis. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 45Failure of a SAN fabric in the NPIV environment\n",
      "The proof of concept tested the high-availability design for both virtual SCSI and for NPIV . Figure 7.2.7.4 shows NMON graphs taken from a SAN fabric failure when using NPIV for disk I/O. The fi  rst two graphs are a view from the DB2 HADR primary database LPAR showing a similar behavior as seen in the virtual SCSI environment for a VIO failure. The fi  rst graph, disk total, shows that a short suspend occurs in disk I/O during failover. The second graph, network I/O, shows that the impact on the disk I/O is seen as a visible drop in network activity.\n",
      "Figure 7.2.7.4: VIO Server failure results with NPIV – as seen from NMON\n",
      "The fi  nal graph in fi  gure 7.2.7.4 shows the view from a VIO Server with NPIV . This represents a SAN fabric failure (actually the device cable to the SAN was disconnected). Prior to the failure, the VIO Server is distributing load over both the NPIV adapters using load balancing. At the point of failure, after a short delay, the total traffi  c level is seen to have switched to the remaining active NPIV adapter path.  The I/O load remains the same, it is simply all routed over the single remaining path from this VIO Server. After restoring the failed component, (replacing the cable), the traffi  c is automatically resumed over both adapter paths. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 467.2.8 Lessons learned during the implementation \n",
      "Incorrect disk attributes for VSCSI disk\n",
      "If you have set up disk access through two VIO Servers using VSCSI MPIO to an AIX LPAR, \n",
      "then you need to make some changes to your hdisks because the operating systems sets up the MPIO  incorrectly.\n",
      "With the default settings, if the paths do not automatically reconnect through the second route \n",
      "following a VIO failure, ensure that the hcheck_interval and hcheck_mode are set correctly:Example for default hdisk0 settings:\n",
      "# lsattr -El hdisk0\n",
      "PCM   PCM/friend/vscsi Path Control Module    False\n",
      "algorithm  fail_over  Algorithm     True\n",
      "hcheck_cmd  test_unit_rdy  Health Check Command   True\n",
      "hcheck_interval 60   Health Check Interval    True\n",
      "hcheck_mode  nonactive  Health Check Mode    True\n",
      "max_transfer  0x40000  Maximum TRANSFER Size   True\n",
      "pvid   00cd1e7cb226343b0000000000000000 Physical volume identifier False\n",
      "queue_depth  3   Queue DEPTH    True\n",
      "reserve_policy  no_reserve   Reserve Policy     True\n",
      "IBM recommends a value of 60 for check_interval and hcheck_mode should be set to nonactive. \n",
      "Normally nonactive is the default but this setting should be verified.\n",
      "T o change these values (if necessary):\n",
      " # chdev -l hdisk0 -a hcheck_interval=60 -P\n",
      " # chdev -l hdisk0 -a hcheck_mode=nonactive –P\n",
      "You need to reboot for automatic path recovery to take effect.\n",
      "If the check_interval and hcheck_mode are not set as described, or no reboot has been done since \n",
      "the change, you are likely to experience the following error even after the failed path is back online:\n",
      "# lspath\n",
      " Enabled hdisk0 vscsi0\n",
      " Failed  hdisk0 vscsi1\n",
      "In this case the situation has to be fixed manually using the following commands: # chpath -l hdisk0 -p vscsi1 -s disable\n",
      " # chpath -l hdisk0 -p vscsi1 -s enable Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 47Rechecking the status now should show:\n",
      "# lspath\n",
      " Enabled hdisk0 vscsi0\n",
      " Enabled hdisk0 vscsi1\n",
      "Duplicate WWN for NPIV\n",
      "When a NPIV adapter is created, the system assigns two worldwide network (WWN) addresses to this adapter.\n",
      "You can see the both WWNs on the attributes page of the virtual FC adapter on the Hardware \n",
      "Management Console (HMC).\n",
      "Figure 7.2.8.1: HMC view of NPIV properties\n",
      "On the SAN infrastructure only one of the WWNs of the adapter is visible and active. The second WWN is needed for live partition mobility (LPM)\n",
      "5. On the destination LPAR, the \n",
      "second WWN will be activated during a LPM operation.\n",
      "If LPM is in plan, it is necessary that the second invisible WWN is also defined in the SAN zo -\n",
      "ning between the host and storage subsystem. Otherwise LPM will not work correctly.\n",
      "5 IBM PowerVM provides the functionality to move an active LPAR between Power servers. This functionality is \n",
      "based on VIO and is controlled by the hardware management console (HMC). The LPAR being moved must take \n",
      "its I/O access with it and therefore virtual adapters must also support mobility. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 48Disk access failures on VIO Server\n",
      "There are two attributes that should be set to allow both VIO Servers to access disks that are \n",
      "assigned to both. Otherwise access from the second VIO Server will result in errors.\n",
      "The following attributes should be set, per hdisk, to enable access from both VIO Servers:\n",
      "reserve_policy=no_reserve and algorithm=round_robin\n",
      "The attributes can be set as follows:\n",
      " chdev -dev hdisk0 -attr reserve_policy=no_reserve\n",
      " chdev -dev hdisk0 -attr algorithm=round_robin\n",
      "7.2.9 A note on network and domain name server (DNS)\n",
      "In a highly reactive cluster environment, the domain name server can become a single point of failure. As the IP information is critical to the cluster success, and a long DNS search can cause problems with the cluster behavior, the cluster IP information is maintained locally. The DNS is configured to first use the local and then follow the DNS search path. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 497.3\t Tivoli\tclustering\t–\tTivoli\tSystem\tAutomation\tfor\tMultiPlatforms\n",
      "This section covers the functionality and design overview of the Tivoli clustering software used \n",
      "for both DB2 HADR and the SAP central services in the proof of concept. \n",
      "7.3.1 Introduction to Tivoli System Automation for Multiplatforms\n",
      "The minimal target for a clustering solution in this mission-critical SAP SCM software was a recovery time of less than five minutes for the service supported for any component, and appli -\n",
      "cation data consistency in the case of database failover. The methodology used in this proof of concept was to go beyond the functionality tests, and rigorously test the solution behavior under typical application load.\n",
      "In this proof of concept, using the general best practices, the test team easily achieved recovery \n",
      "times that range from one to two minutes under load conditions (massive parallel demand plan -\n",
      "ning) and have proven data consistency after failover for both batch demand planning and the cross-system transactional ATP checks. \n",
      "IBM Tivoli System Automation for Multiplatforms (Tivoli SA MP) was used as the clustering \n",
      "software and IBM DB2 HADR was the database cluster solution providing an ultrafast failover. What made Tivoli SA MP so compelling in our project was the “out-of-the-box”\n",
      "6 integration \n",
      "with DB2 HADR on the one hand and the predefined polices for SAP central services on the other. SAP and IBM DB2 development teams work closely together to enhance the integration of DB2 HADR/Tivoli SA MP and SAP software to make this an easy to use high-availability solution. With the SAP cluster setup tool (SAP Note 960843) for the database cluster and the Tivoli SA MP policies for the SAP central services cluster, the test team was able to set up and customize the cluster in a very short time. \n",
      "Main components\n",
      "The main components of the clustering software were Tivoli SA MP and the reliable scalable cluster technology (RSCT) software products from AIX. Tivoli SA MP is built on top of the inf-rastructure that RSCT provides on the operating system level to automate the switching of users, applications, and databases. Tivoli SA MP was used to automate the takeover of the database cluster by switching the role of primary DB2 HADR database from Host A to Host B, including the relocation of the service IP address. The service IP address is the access point for the SAP disp+work processes to access the database. It is therefore essential that this IP address follows the active database instance during a failover. On the application side an additional layer of high availability was introduced: the DB2 replica -\n",
      "tion feature (HADR), for an ultrafast database takeover. HADR does this with an active /semi-active concept of two identical databases that are kept in synchronization through log record shipping, and both the databases are online at the same time. One is the primary and the other the standby database.\n",
      "6 Tivoli SA MP support for DB2 HADR, with installation methods and supported policies, is integrated into the \n",
      "installation kits for SAP software and delivered as part of the product under an OEM agreement. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 50From the network side all internal cluster communication, such as IP heartbeat, network tiebrea-\n",
      "ker, and log record shipping have been routed through the internal network to shield the databa-se from unauthorized access by end users.en1 \n",
      "DB2 HADR Primary Service IP  \n",
      "en1 Service IP  \n",
      " \n",
      " \n",
      "IP Heartbeat \n",
      "Network T iebreaker \n",
      "Log Record Shipping SA MP/RSCT  Backbone Network \n",
      "vscsi npiv \n",
      "Disk heartbeat \n",
      "SA MP/RSCT  \n",
      "DB2 HADR \n",
      "Primary Service IP  \n",
      "DB2  Instance DB2  Instance Host A  Host B \n",
      "DB2 Database \n",
      "Primary DB2 Database \n",
      "Standby SAP SCM \n",
      "App Server \n",
      "Official hostname  \n",
      "Rotating fallover IP  \n",
      "address \n",
      "Figure 7.3.1.1: Components of the database cluster\n",
      "7.4 Tivoli clustering concept for ABAP Database\n",
      "This section describes the functionality of the highly available DB2 database and how it benefi  ts \n",
      "the end-to-end solution design.\n",
      "7.4.1 IBM DB2 HADR \n",
      "During implementation, the test team used IBM DB2 for AIX with the replication feature: HADR provides a high-availability solution for both, partial and complete site failures. SAP customers that purchased IBM DB2 from SAP via OEM\n",
      "7 can use this feature at no cost as it is \n",
      "an integral part of the database engine, which provides greater protection and higher availability then a traditional failover. Each of the database instances has their own data and logs – there is no data sharing. This is an additional benefi  t for high availability. \n",
      "Another important fact is that \n",
      "the HADR cluster can span two sites for a disaster recovery scenario.\n",
      "7 OEM = original equipement manufacturer Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 51Without the HADR feature, the database high-availability design would be based on a mecha-\n",
      "nism to move the database to the surviving side, implying a cold start of the database which will increase the overall recovery times (traditional failover scenario). Whereas with HADR the standby database is already active, all database buffers are already fi  lled, thus providing an extre-mely quick failover.\n",
      "The primary server is the location of the source database and provides the active database service.  \n",
      "As transactions are processed on the source database server, database log records are automati-cally shipped to the secondary server. The test team cloned the standby database from the source database through an offl  ine backup or a FlashCopy through the SAN Volume Controller level. When HADR is started, log records are captured on the primary database and sent to the secon-dary database. After receiving, they are replayed on the secondary database. Through continuous replay of the log records, the secondary database keeps an in-sync replica of the primary database and acts as a standby database.\n",
      "Application\n",
      "DB2 Engine\n",
      "Tables\n",
      "Indexesnew\n",
      "logsold\n",
      "logsTables\n",
      "IndexesTables\n",
      "IndexesTables\n",
      "Indexesnew\n",
      "logsold\n",
      "logsHADR HADRSTANDBY SERVER PRIMARY SERVER\n",
      "Replay Master\n",
      "Shredder\n",
      "Redo Master\n",
      "Redo WorkersAlternate Connection\n",
      "(failover, client reroute)\n",
      "Primary Connection\n",
      "log writer log reader log readerLog BufferDB2 Engine\n",
      "Log Buffer\n",
      "Figure 7.4.1.1: IBM DB2 HADR principles\n",
      "Level of data protection\n",
      "HADR offers three levels of protection to prevent potential loss of data: \n",
      "• Synchronous mode\n",
      "• Near-synchronous mode\n",
      "• Asynchronous mode\n",
      "Synchronous mode offers the best protection of data at the expense of performance. As the com-mit is not written before, the primary receives acknowledgment that the secondary has applied the log records. The asynchronous mode gives less protection, and in this mode, the log write and send actions are performed in parallel, but the primary does not wait for an acknowledgment from the standby. Therefore network delay is not an issue. This is the reason why this mode is well suited for WAN application. SAP and IBM recommend using the near-synchronous mode  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 52as it combines the advantages of both by providing nearly the same data protection as the syn-\n",
      "chronous mode and the overhead on the network is minimal. In the near-synchronous mode, the primary writes and sends log pages in parallel and waits for an acknowledgement from the stand-by before issuing the commit. The standby then sends the acknowledgement after applying the log records to the log buffer. \n",
      "HADRTCP/IP Socket\n",
      "Asynchronous\n",
      "Near-Synchronous\n",
      "Synchronoussend()\n",
      "receive()HADRSTANDBY SERVER PRIMARY SERVER\n",
      "new\n",
      "logsnew\n",
      "logslog writer\n",
      "Commit\n",
      "succeededlog writer\n",
      "Figure 7.4.1.2: HADR Synchronization modes\n",
      "IBM DB2 high-availability feature \n",
      "With the SAP cluster setup tool, sapdb2cluster.sh the DB2 high-availability feature can easily be deployed in an SAP DB2 HADR environment using IBM Tivoli SA MP . Through the strong integration of Tivoli SA MP with DB2, the test team was are able to manage the database cluster either with Tivoli SA MP cluster or with native DB2 HADR commands, such as db2 takeover, db2 start hadr, or stop hadr. This is a big relief in daily operation for the DB2 database adminis-trators who are more familiar with the DB2 syntax. Due to the tight integration of DB2 HADR with the SAP software, SAP customers also the option to start and stop DB2/HADR by using the startsap and stopsap commands instead. This provides further simplifi  cation of operating the HADR cluster. The SAP script handles the start and stop sequence for the HADR cluster under the covers.\n",
      "Hardware and software requirements\n",
      "The following prerequisites are necessary for implementing IBM DB2 HADR: \n",
      "a) Same database name for primary and standby database (SID)b) Same operating system and DB2 levels. (This rule can be violated for the DB2 level/\n",
      "OS system for a short time during a rolling upgrade.) \n",
      "c) High-speed backbone IP network between database nodes appropriate to the applica-\n",
      "tion load \n",
      "d) Identical table spaces and containers  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 53T o accelerate the catch-up process, the log archive device for the primary and standby databases\n",
      "were shared by using NFS mounts for the archive logs, in addition to the SAP shared directories/usr/sap/trans and /sapmnt. This allows a single high-capacity network connection for NFS toserve the SAP needs, the archive needs, and the recovery needs.\n",
      "In an HADR environment, both the database servers need the same hardware resource for op -\n",
      "timal performance.  The proof of concept used Power virtualization methods to prioritize the \n",
      "processor resource distribution. This priority schema ensures that the necessary resources are dynamically redistributed according to requirements and the role of the components in the SAP SCM system. A cluster component will have very high priority, and can be sure that the proces-sor resources it needs for recovery will be available within 10 milliseconds, as nothing has higher priority than recovery of the production services.\n",
      "In this way the test team avoided the congested HADR state. Congestion occurs when the stand -\n",
      "by is unable to keep up with the transaction load generated by the primary, which causes the \n",
      "standby to fall behind or the performance of the primary to degrade.  \n",
      "The graphs in figure 7.4.1.3 and figure 7.4.1.4 depict the number of commits written by the \n",
      "application on the primary and the log gap (in kilobyte) between the primary and the standby databases resulting from a demand planning batch run. The demand planning application issues commits on a frequent basis which forces the primary to write the log records to disk and send them to the secondary in parallel (near-synchronous mode).  The frequent commit rate keeps the log gap small. The log gap shows the difference between the primary log sequence number (LSN) and the standby log LSN. The relatively low log gap and the fast takeover times are an indicator that the standby was capable to apply the log files fast enough to keep this gap very small. The test team has not seen any evidence that the commits are slowing down on the prima -\n",
      "ry which would have been the case if the standby was not capable of keeping pace in applying the log file. \n",
      "Another aspect which arises in failover situation is the shift in processing capacity requirements. \n",
      "The new primary database needs adequate resources to service the client applications – more re -\n",
      "sources than it required as a standby. During the tests, the test team did not encounter any signs of congested state or performance degradation when moving from one to the other database ser -\n",
      "ver. In this implementation, PowerVM was used to ensure the necessary availability of processor capacity. \n",
      "During the demand planning batch runs, the standby consumed around 50 percent less processor \n",
      "power then the primary, and has nearly the same memory requirements (12 percent less than the primary). The log record shipping generates additional load over the network, therefore net -\n",
      "work throughput is another key performance focal area in an HADR implementation. The Gbit Ethernet in the proof of concept scenario was sufficient for throughput/performance.  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 54\n",
      "Figure 7.4.1.3: Primary database number of commits during Demand Planning batch run\n",
      "Figure 7.4.1.4: Secondary database log gap in KB during Demand Planning batch run Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 557.4.2 Automate IBM DB2 HADR cluster with Tivoli SA MP\n",
      "With IBM DB2 HADR alone it is not possible to automate the failover of the database or the \n",
      "migration of the service IP address. This is where Tivoli SA MP comes into play. Tivoli automa-tes the failover and offers cluster support. In setting up the cluster automation the test team used the SAP cluster setup tool, sapdb2cluster.sh, which defi  nes the SA MP resources as well as setting up the HADR defi  nitions for the database by invoking the DB2 high-availability instance confi  -guration utility (db2haicu). \n",
      "This section describes in more details how DB2 HADR was implemented with Tivoli SA MP \n",
      "based on a best practices. Figure 7.4.2.1 illustrates the cluster layout.\n",
      " \n",
      "NFS Server \n",
      " \n",
      " \n",
      "  \n",
      " \n",
      " \n",
      " \n",
      "  \n",
      " \n",
      " \n",
      " \n",
      "  \n",
      " \n",
      "WAN Development & Maintenance \n",
      "Backbone Network \n",
      "en0 en1 \n",
      "/sapmnt/ \n",
      "/usr/sap/trans \n",
      "/archive_logs \n",
      "Disk  \n",
      "Heartbeat en0 en1 \n",
      "Tivoli SA  MP \n",
      "RSCT Host A Host B Host C \n",
      "DB2 HADR Primary Service IP  \n",
      "DB2 Instance   \n",
      "  \n",
      " \n",
      " \n",
      " \n",
      "  \n",
      " \n",
      " \n",
      " \n",
      "  \n",
      " DB2 HADR \n",
      "Standby Service IP  en1 en0 \n",
      "Primary \n",
      "Database \n",
      "Standby \n",
      "Database DB2 HADR \n",
      "Standby \n",
      "Service I PTivoli SA  MP \n",
      "RSCT \n",
      "DB2 HADR \n",
      " Cluster IP Heartbeat \n",
      "IP Tiebreaker \n",
      "NFS Log record shipping \n",
      "Database connections \n",
      "RFC Calls  \n",
      "DB2 Instance   Backup Admin IP Heartbeat \n",
      " \n",
      "Figure 7.4.2.1: Layout – IBM DB2 HADR – Tivoli SA MP Cluster\n",
      "Two-node scenario \n",
      "Setup of a two-node cluster required the use of a tiebreaker to avoid a split brain situation. The following section describes the concept of a tiebreaker and the reason for the decision to use a network tiebreaker together with disk heartbeat functionality. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 56Network tiebreaker and disk heartbeat\n",
      "An even number of nodes (two nodes) implementation always requires a tiebreaker to solve a \n",
      "split-brain situation. A split brain can occur when all private links go down simultaneously, but the nodes still remain active. If this happens, the cluster service cannot detect the problem, it might be that the either the nodes or the network is down. In this situation, to prevent each node in the cluster staring services that the other node is still running, a tiebreaker resource will be called which can help decide which node is allowed to run critical resources and gains the ope -\n",
      "rational quorum. If the node with service IP loses the competition for the tiebreaker, it will be immediately rebooted, and the resource will be moved to the winning node. There are four main groups of tie breakers in Tivoli SA MP: disk tiebreaker (most secure), network tiebreaker (easy to implement), operator tiebreaker (manual intervention by an operator) and an additional node (hardware/software/maintenance overhead).\n",
      "The test team wanted to combine the diagnosis routes of the disk and network tiebreaker, but \n",
      "they cannot be used together. Therefore, the team decided for the network tiebreaker against the disk tie breaker because it is easy to implement, has no hardware dependencies, and evaluates the availability of communication. T o overcome the downsides of the network tiebreaker, the recommendation was to add the relatively new functionality of the disk heartbeat (available since Tivoli SA MP 3.1.0.7 / 3.2.0.0). In cases where all IP network connections fail, the disk heartbeat decreases the chances of a cluster split because it is able to distinguish between a network and a node failure. With this solution, the team achieved faster failover times of approximately 30 seconds in case of a network error on the node that holds the service IP address. This is because, the network tiebreaker was not needed to resolve this error as the disk heartbeat was sufficient, and therefore there a reboot of the node was avoided. \n",
      "The team followed the rules for implementing the network tiebreaker and used the gateway \n",
      "router in the same subnet for the network tiebreaker ensuring that there is only one hop between each node in the cluster and the tie-breaker. The node that acts as the network tie breaker also appears as the NFS server and SAP Router in the proof of concept configuration.\n",
      "Network considerations\n",
      "The team implemented the traditional protection of SAP systems from direct client access by shielding the SAP system, including the database resources from the client network. The back -\n",
      "bone network covers all traffic between the database and the SAP application servers and SAP central services including intersystem communication, such as RFC and CIF calls. The SAP router node acts as the gateway between the client and the backbone network for network traf -\n",
      "fic generated by SAP GUI communication. All DB2 HADR communication routes (i.e. for log record shipping) were defined through the backbone network. On the Tivoli SA MP side, the network tiebreaker and the IP Alias were configured over the backbone network. The Tivoli SA MP IP heartbeat uses all available networks.\n",
      "Global directories, such as the DB2 archive logs, /sapmnt and /usr/sap/trans, also use NFS \n",
      "through the backbone network. Primary and standby database have access to the same archive log directory through the backbone NFS. The administration system supporting the SAP router also acted as the NFS server in this scenario. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 57IP Alias\n",
      "In the literature, the terms virtual IP address and IP alias are used interchangeably, therefore, in \n",
      "this document the team agreed to use the term, IP alias.\n",
      "We have used the concept of IP alias to enable the SAP services (such as message/enqueue ser -\n",
      "ver, dispatcher, and so on) to automatically reconnect to the new primary database in case of a \n",
      "failover without being restarted. SAP fully supports IP alias takeover and also includes automatic reconnect features. The virtual host name is a reference on the DNS server or to the IP Alias in the /etc/hosts files. For more details, refer to the information on DNS in chapter 7.2 of this proof of concept.\n",
      "In this case, the IP alias was defined as an additional stack on the en1 adapter (backbone net -\n",
      "work) and the virtual hostname was provided to sapinst as a start parameter: SAPINST_USE_\n",
      "HOSTNAME=<virtual hostname>. Also the cluster setup executed with the sapdb2cluster.sh script was done with the virtual hostname (DB2_HA_HOSTNAME) and IP Alias (DB2_HA_IP_ADDRESS). Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 58Mapping DB2 HADR components to Tivoli SA MP resources\n",
      "Figure 7.4.2.2 shows the mapping of the DB2 HADR components, including the IP alias, to Ti-\n",
      "voli SA MP resources. All resource defi  nitions have been done with the sapdb2cluster.sh script. \n",
      "DB2 HADR Resource Group:\n",
      "db2_db2sc2-db2sc2_SC2-rg\n",
      "Floating Resource:\n",
      "DB Name: sc2\n",
      "db2_db2sc2_db2sc2_SC2-rs\n",
      "Floating Resource:\n",
      "db2ip_10_1_1_200-rs\n",
      "DB2 Resource Group:\n",
      "Instance: db2sc2\n",
      "Host: B\n",
      "db2_db2sc2_is04d2i_0-rgDB2 Resource Group:\n",
      "Instance: db2sc2\n",
      "Host: A\n",
      "db2_db2sc2_is03d2i_0-rgDB2 HADR\n",
      "Service IP Service IP\n",
      "NIC Name: en1\n",
      "Backbone\n",
      "networkNIC Name: en1DB2 HADR\n",
      "db2_db2sc2_is03d2i-rs db2_db2sc2_is04d2i-rs\n",
      "Network Equivalency Group\n",
      "en1 en1Host A Host B\n",
      "Figure 7.4.2.2: Mapping DB2 HADR components to the Tivoli SA MP resources\n",
      "The DB2 HADR cluster and IP alias form one DB2 HADR resource group and are defi  ned as fl  oating resources. A fl  oating resource can be moved between the nodes. Service IP represents the IP alias, the access point to the active database. In the case of a takeover, the service IP and the HADR role (primary) will be moved to the other cluster node. The DB2 instances on both the nodes are defi  ned in the DB2 resource groups as fi  xed resources. Fixed resources are bound to one node. \n",
      "It is important to understand the difference between the DB2 resources used for the DB2 in-\n",
      "stances and the DB2 HADR resource used for the DB2 HADR database. The DB2 resources are used to keep the instances online on their local nodes – for example, instance db2sc2 on \n",
      "Host A and instance db2sc2 on Host B. This is necessary in a DB2 HADR confi  guration because both sides of the HADR pair need to be online for normal operation. It is not necessary to failo-ver the DB2 resource group containing the db2 instance (db2sc2) from Host A to Host B or vice versa. Assume that db2sc2 is the primary instance for the database SC2. If the cluster node Host A goes down, the DB2 HADR resource is used to issue a TAKEOVER command on the databa-se SC2 on the standby instance db2inst2 on Host B. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 59Network equivalencies define on which network interface controller (NIC) i.e. the Service IP \n",
      "will be activated. Therefore, it is necessary to define a network equivalency group so that Tivo-li SA MP is notified of NIC failures from the RSCT subsystem. An equivalency is similar to a resource group except that all its members will be of the same class (for example, IBM.Networ -\n",
      "kInterface in this case). \n",
      "A DependsOn relationship between the service IP and the network equivalency was defined to \n",
      "ensure that the resource (service IP) is started only when the target (NIC) is online. It includes an implicit collocation (the service IP is started at the same node as the NIC) and a force down behavior (if NIC fails, service IP is stopped). In this case, both the nodes have the NIC in the same network, and therefore, in case of NIC failure, the group is placed offline on the current node and moved to one that still has active NICs in the required equivalencies or networks. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 607.5\t Tivoli\tclustering\tfor\tSAP\tcentral\tservices\tfor\tABAP\t(ASCS\tinstance)\n",
      "This section describes the design around the critical components of the SAP application server \n",
      "architecture and how they are made highly available.\n",
      "7.5.1 SAP central services – potential single points of failure\n",
      "In the standard central instance implementation, there are several potential single points of failu -\n",
      "res which can stop production activities. These include the database server, the global directories (shared file systems) and the SAP central services, consisting of enqueue and message server. \n",
      "The picture below shows a standard ABAP installation based on the SAP software kernel 7.0 in \n",
      "a non high-availability environment. The SAP central instance (SAP CI) runs the SAP primary application server including the SAP central services (SAP CS): message and enqueue services. The central services are unique system wide services which exist once per SAP system and there -\n",
      "fore represent single points of failure together with the database and the NFS Server. The single points of failure are marked with red cycles in the graph below. With the loss of the enqueue services, online and batch transactions will be canceled and rolled back; no transactions can be started. The consequence is downtime for SAP system until the services are restored. It is, there -\n",
      "fore, not sufficient to make the database highly available. The other sources of failures must also be addressed, as they will also negatively impact the system availability. \n",
      "In regard to the global shared directories, the test team assumes that most of the customers have \n",
      "already a HA NFS solution in place as this is a general requirement within an SAP landscape, and therefore, exclude this from the local cluster solution. The next section concentrates on the HA solution for the SAP central services. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 61Primary Application Server\n",
      "Instance with Central ServicesDVEBMGS\n",
      "- Enqueue Server\n",
      "- Message ServerSAP Router + NFS Server\n",
      "DB2 Database Server\n",
      "NFS export\n",
      "Data connectionClient connection\n",
      "Single Point of Failure (SPOF)SAP Clients\n",
      "/usr/sap/trans\n",
      "/sapmnt/\n",
      "/archive_logs\n",
      "Additional\n",
      "Application\n",
      "ServersBatch\n",
      "Server\n",
      "Figure 7.5.1.1: ABAP Central Instance including SAP central services, enqueue and message server (SAP software kernel 7.0)\n",
      "SAP stand-alone enqueue server and SAP enqueue replication server\n",
      "The SAP enqueue service maintains application logical locks in an “in-memory” buffer for speed of transaction processing. Loss of the enqueue service will result in loss of the current lock status and therefore a necessary rollback of uncommitted transactions. The system will be nonfunc-tional (resulting in system downtime) until the services have been restored. T o improve on this, SAP has developed an enqueue solution for high-availability scenarios. The solution consists of the stand-alone enqueue server (EN) and the enqueue replication server (ERS). The enqueue replication server is used to maintain an ongoing and up-to-date copy of the state of the logical locks. Clients can connect directly to stand-alone enqueue server. When the stand-alone enqueue server fails, it will be restarted by the cluster software on standby node and the enqueue replica-tion server will be stopped. The stand-alone enqueue server reads the replication table and builds up the enqueue table in memory exactly as it was earlier. The high-availability software routes the clients through the service IP to the new stand-alone enqueue server. In this way, the logical locks are maintained over a failure, and the application can continue.\n",
      "The picture below shows the enqueue replication process. The test team followed this approach \n",
      "to make the enqueue services highly available. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 62\n",
      "Standalone Enqueue Server\n",
      "Serialized\n",
      "Enqueue\n",
      "ProcessingSerialized\n",
      "Enqueue\n",
      "requests\n",
      "Serialized\n",
      "replication\n",
      "requests\n",
      "Replication\n",
      "Client\n",
      "Process\n",
      "EnqueueKeyI/O\n",
      "Thread\n",
      "Source: SAPResponse\n",
      "to Client\n",
      "blocked until\n",
      "replication\n",
      "doneReplication\n",
      "response frees\n",
      "response\n",
      "to client\n",
      "Replication\n",
      "ServerReplicated\n",
      "EnqueueServerApplication Server\n",
      "Dispatcher\n",
      "WP2 WP3 WP1\n",
      "Enq. Table\n",
      "copyEnq. Table\n",
      "Figure 7.5.1.2: Standalone enqueue server and enqueue replication server (ERS) (Source: SAP Help Portal)\n",
      "SAP central services for ABAP (ASCS instance)\n",
      "The fi  gure below shows the main SAP components and the service IP that comprises the ASCS \n",
      "cluster. The network and disk heartbeat components used here, have already been discussed in section: Network tiebreaker and disk heartbeat of chapter 7.4 and therefore can be omitted as the functioning is comparable.\n",
      "In the fi  gure 7.5.1.3, the components in darker blue are the active resources on this host. The \n",
      "areas in light blue are inactive and will be activated during failover by the cluster software.\n",
      "T o make the ASCS instance highly available, the team followed standard SAP installation pro-\n",
      "cedure and implemented the central services instance for ABAP (ASCS instance) and the central instance with the SAPinst tool on Host A. As no SAP components in Java™ were used, no SCS instance was needed.  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 63SA MP/RSCT SA MP/RSCTBackbone NetworkHost A\n",
      "ASCS Instance\n",
      "ASCS00\n",
      "ERS service\n",
      "Enqueue replication\n",
      "Central Instance\n",
      "DVEBMGS01Service IPASCS InstanceASCS00\n",
      "ERS service\n",
      "Enqueue replication\n",
      "Add. Application Server\n",
      "D01Service IPHost B\n",
      "npiv vscsiService IP\n",
      "IP Heartbeat\n",
      "Network Tiebreaker\n",
      "Enqueue Replication\n",
      "Disk\n",
      "heartbeatDisk\n",
      "heartbeat\n",
      "en1en1\n",
      "Figure 7.5.1.3: Main components of the SAP ASCS services cluster Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 647.5.2 SAP central services made highly available with Tivoli SA MP\n",
      "/sapmnt/\n",
      "/usr/sap/transSAP Router\n",
      "NFS ServerSAP ERP\n",
      "Disk\n",
      "HeartbeatFirewallFirewall\n",
      "Host ESAP Clients\n",
      "Backbone NetworkWAN Development & MaintenanceHost D\n",
      "Host CHost C Host B\n",
      "SAP CS\n",
      "ClusterHost ABackup\n",
      "AdminIP Heartbeat\n",
      "IP HeartbeatIP Tiebreaker\n",
      "NFS SAP GUI\n",
      "connections\n",
      "Enqueue Replication\n",
      "DatabaseConnections\n",
      "ASCS Instance\n",
      "ASCS00\n",
      " Service IP\n",
      "ERS service\n",
      "Enqueue replication\n",
      "Add. Application\n",
      "Server - D01- Dialog serverASCS Instance\n",
      "ASCS00\n",
      " Service IP\n",
      "ERS service\n",
      "Enqueue replication\n",
      "Central InstanceDVEBMGS01- Dialog serverWAN\n",
      "en0 en1 en0 en1 en0 en1en0 en1en0 en1\n",
      "Add. Application\n",
      "Server – D01-Batch server\n",
      "Figure 7.5.2.1: Layout – SAP central services – Tivoli SA MP cluster \n",
      "Refer to the “IBM Tivoli SA MP and IBM DB2 HADR” section in chapter 7.4 for details on the fol -\n",
      "lowing topics: Two-node scenario, network tiebreaker and disk heartbeat, network considerations, and IP \n",
      "alias. As the concepts and implementation were identical, the design criteria apply to both.\n",
      "The ASCS instance hosting the central services on host A and the ERS on host B form the SAP \n",
      "central services cluster. In addition, three application servers were installed, two of them acted as dialog servers and the third one on host C covers the batch load. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 65Mapping SAP central services components to Tivoli SA MP resources\n",
      "Figure 7.5.2.2 shows the mapping of the SAP central services components, including the IP alias, \n",
      "to Tivoli SA MP resources. All resource defi  nitions were performed with Tivoli SA MP high-availability policy for SAP .\n",
      "Host A Host B\n",
      "SAP ASCS - Resource Group:\n",
      "SAP_ABAP_SC2_ASCS00\n",
      "SAP ERS - Resource Group:\n",
      "SAP_ABAP_SC2_ASCS00REPFloating Resource:\n",
      "Enque Server, Message Server,\n",
      "SAP-Gateway, Send and Collector Daemon\n",
      "Floating Resource:\n",
      "Enque Server, Message Server,\n",
      "SAP-Gateway, Send and Collector DaemonFloating Resource:\n",
      "db2ip_10_1_1_200-rs\n",
      "ERS ERS\n",
      "Application ServerResource Group:Instance: DVEBMGS01SAP_ABAP_SC2_is03d3i_DVEBMGS01\n",
      "NIC Name: en1\n",
      "Backbone\n",
      "networkNIC Name: en1Network Equivalency Group\n",
      "en1 en1SAP_ABAP_SC2_is03d3i_DVEBMGS01_ASApplication ServerResource Group:Instance: D01SAP_ABAP_SC2_is04d3i_D01\n",
      "SAP_ABAP_SC2_is04d3i_D01_ASASCS00\n",
      "Service IP Service IPASCS00\n",
      "Figure 7.5.2.2: Mapping SAP central services components to Tivoli SA MP resources\n",
      "The ASCS instance and IP alias form one ASCS00 resource group, and are defi  ned as six fl  oating resources: stand-alone enqueue server (EN), message server (MS), SAP gateway (GW), system log send (SE), system log collector (CO), and the service IP .  A fl  oating resource can be moved between the nodes. Service IP represents the IP alias. In the case of a takeover, the service IP will be moved to the other cluster node. In addition, a second resource group with fl  oating resources for the enqueue replication server was defi  ned. The two application servers build two resources groups with fi  xed resources. Fixed resources are bound to one node.  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 66In this setup there are a number of dependencies to define the start/stop and failover behavi -\n",
      "or of the resources in a controlled manner. The SAP central services resources depend on the \n",
      "service IP resource and will be started only when the service IP is online. Without the service IP address, no other SAP process might be able to connect to the central services. And again as in the previous DB2 HADR scenario, there is DependsOn relationship between the service IP and the network equivalency, which ensure that the source (service IP) is started only when the target (NIC) is online\n",
      "If the stand-alone enqueue server or the IP resource fails, no restart is attempted. This is because \n",
      "the memory buffer is already lost and the only intact copy of the enqueue table is on the replica -\n",
      "ted server, and therefore, a failover of the whole group is triggered instead. If the message server fails, first one restart is attempted. If this restart fails, the cluster manager initiates a failover of the whole group. Only the message server, the stand-alone enqueue server and the service IP resource can trigger a failover. If any of the optional three resources fails (CO, SE, or GW) and cannot be restarted, no failover is triggered.\n",
      "Tivoli SA MP defines dependencies for the stand-alone enqueue and the enqueue replication \n",
      "server\n",
      "ABAP Network\n",
      "Equivalency\n",
      "Network Interface\n",
      "One per Cluster Node\n",
      "Network Interface\n",
      "One per Cluster Node\n",
      "ABAP\n",
      "Service IPEnqueue Server\n",
      "Message Server\n",
      "SAP Gateway\n",
      "SAP System Log\n",
      "CollectorEnqueue\n",
      "Replication Server\n",
      "Primary\n",
      "Application Server\n",
      "AdditionalApplication ServerSAP System Log\n",
      "SenderABAP SAP Central Services Group Enqueue Replication\n",
      "Server Group\n",
      "Primary Application\n",
      "Server Group\n",
      "Additional Application\n",
      "Server GroupStart After, Is Startable,\n",
      "AntiCollocated\n",
      "Collocated\n",
      "if not offline\n",
      "Start  After\n",
      "Start  AfterStart After, Is Startable,\n",
      "AntiCollocated\n",
      "Collocated\n",
      "if not offline\n",
      "Start  After\n",
      "Start  AfterDepends On\n",
      "Depends On\n",
      "Depends On\n",
      "Depends On\n",
      "Depends On\n",
      "Depends On\n",
      "Figure 7.5.2.3: ASCS Tivoli SA MP policy  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 67The stand-alone enqueue server and the enqueue replication server are distributed in the cluster \n",
      "depending on the following scenario.\n",
      "Startup scenario:\n",
      "• All resources are offline. The stand-alone enqueue server is started. During startup, \n",
      "only the Collocated/IfNotOffline relationship needs to be considered. As the enqueue replication server is currently offline, this relationship has no impact. The stand-alone enqueue server will be started in the order of the nodes listed in NodeNameList.\n",
      "• Now the enqueue replication server is started. The relationships of the ERS to the EN lead to the following behavior:\n",
      " –ERS p AntiCollocated p EN: The ERS is always started on a different node than the EN.\n",
      " –ERS p StartAfter p EN: The ERS is started after the EN has become online.\n",
      " –ERS p IsStartable p EN: The ERS is only started on a node whe-re the EN potentially can be started.\n",
      "Both EN and the ERS are now online on different nodes.\n",
      "Failure scenario:\n",
      "In a failure scenario where the stand-alone enqueue server fails, the relationships lead to a diffe -\n",
      "rent sequence of events, as the stand-alone enqueue server is not online as expected.\n",
      "• The stand-alone enqueue server is now offline due to the failure. The stand-alone enqueue server is restarted. During startup, only the Collocated or IfNotOffline rela -\n",
      "tionship needs to be considered. As the enqueue replication server is now online, this relationship starts the EN on the node where the ERS is already running. All other resources of the central services group are started on the same node where the ERS runs. After the EN has replicated the data, the ERS terminates.\n",
      "• Now the enqueue replication server is restarted on a different node. The relationship of the ERS to the EN leads to the following behavior:\n",
      " –ERS p AntiCollocated p EN: The EN and the ERS are running on different nodes Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 687.6\t SAP\tliveCache\twith\tHotStandby\tdesign\tand\trequirements\n",
      "The following information over the implementation of SAP MaxDB with HotStandby is thanks \n",
      "to the SAP Labs in Berlin where SAP MaxDB and SAP liveCache are developed. A few com -\n",
      "ments are added to connect the general design for SAP MaxDB with HotStandby to implemen -\n",
      "tation done for SAP liveCache on IBM System Storage. The focus in this document is on SAP liveCache with HotStandby as a component of SAP Advanced Planning & Optimization.\n",
      "7.6.1 SAP MaxDB/SAP liveCache with HotStandby\n",
      "A hot standby differs from a conventional failover HA solution in several ways. In a HotStandby solution, both databases are running in parallel in an active / passive partnership. The standby is maintained in a continuous restart state which allows it to maintain synchronization with the production database. This is done by reapplying log records from transactions to the standby  database. The STANDBY status of the database, between ADMIN and ONLINE makes it pos -\n",
      "sible for the standby to switch to active mode in a very short time, and maintain data consistency \n",
      "by completing all transactions.  \n",
      "The design of the liveCache HotStandby relies on the functionality of the storage subsystem. \n",
      "The requirements are the ability to generate a full stand-alone read-write split mirror of the  \n",
      "SAP liveCache data and concurrent access by both active and standby server to the database log volumes.  \n",
      "The concurrent log volumes are written by the active SAP liveCache, and read by the  standby. \n",
      "This is the mechanism for insuring that all data is synchronized in the standby. There is an \n",
      " ongoing communication between the active and standby SAP liveCache to keep the standby \n",
      "informed of the most current log record and log volume position. \n",
      "In the case of a failure of the active SAP liveCache, the standby commits any outstanding tran -\n",
      "sactions in the log, takes control of the log (switches to write mode) and becomes the active SAP \n",
      "liveCache. The SAP liveCache database instances are peers and provide rotating standby. When the failed primary server is reactivated, it will become the standby. \n",
      "SAP liveCache with HotStandby relies on the operating system to provide a cluster solution \n",
      "to detect the failure of the active SAP liveCache, switch the standby server to active status, and initiate the transfer of the SAP liveCache IP service address from the failed server to the server assuming active status.\n",
      "With HotStandby, the time needed for starting the database instance and building the memory \n",
      "structures is saved. This is important in the case of SAP liveCache due to the very large memory structures which must be initialized while starting. Additionally, the time needed for restoring log information is reduced to nearly nothing. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 69liveCache liveCacheliveCache liveCache\n",
      "StorageSystemCluster DataAfter\n",
      "ImagesPrimary Backup\n",
      "continous\n",
      "RESTARTIP SWITCHRECONNECTApplication\n",
      "Archive\n",
      "LogData Data\n",
      "Figure 7.6.1.1: Overview of SAP liveCache HotStandby provided by SAP\n",
      "Basis of SAP MaxDB with HotStandby\n",
      "The solution, as supported in this HotStandby implementation, consists of two physically sepa-rate database servers with physically shared storage. The cluster instance on the failover system is used to detect a situation necessitating failover and to perform the operations needed to redirect client connections (IP Alias takeover). The SAP MaxDB with HotStandby implementation is based on two or more separate database servers (the IBM solution documented here supports a cluster pair) that access a single storage system. The data-volumes for each database are separate and the log volume is shared. Each database server must have its own unique network address.\n",
      "Between master and standby instances, a synchronization channel is established which is only \n",
      "needed to transfer synchronization information (such as the last write position in the log volume) but not for data transfer. The bandwidth for this link can be quite small.\n",
      "The LOG and DATA volumes have special requirements:\n",
      "• The access type to the LOG volumes is read-write to the master, and read-only to the \n",
      "standby server. Access is concurrent. The IBM solution does not restrict the standby server to read-only but relies on the logic of the takeover to ensure that only one in-stance is actively writing to the log volume.\n",
      "• Fast mirror of DATA volumes (so called split mirror or snapshot), that allows the standby server DATA volumes to be established using the current image of the master server DATA volumes and vice versa (if master/standby roles are switched). The IBM solution presented here uses the FlashCopy functionality of the IBM storage servers to generate the split mirror.\n",
      "• After a mirror of the DATA volumes is established, separation must be possible which will allow both the master and the standby servers to mount their DATA volumes for read/write. The IBM FlashCopy functionality establishes a logical copy within seconds, which can then be used as a completely stand-alone and totally consistent copy. The actual physical coping of data blocks continues in background while the new copy is already read/write capable.\n",
      " Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 70The SAP MaxDB runtime is extended by the API functions to allow mirror establishing, mirror \n",
      "separation, and read-only/read-write switching. These routines have a separate layer that abs -\n",
      "tracts the used storage system (RETHSS_API). This API is the basis of the shared library integ -\n",
      "ration of SAP liveCache with IBM System Storage.\n",
      "The SAP application programming interface (API) allows storage solution providers to integrate \n",
      "their storage functionality with the HotStandby control mechanisms of the SAP liveCache. This API exports the SAP liveCache logic that is then mapped to the functionality of the target sto -\n",
      "rage server which fulfills the necessary requirements. The end result of this API integration is a shared library which is then made available to SAP liveCache and enables the HotStandby.\n",
      "Configuration for HotStandby\n",
      "The configuration parameters are shared between all HotStandby database servers. They consist of the normal set of parameters for SAP MaxDB databases and some extended parameters for the HotStandby solution. The parameters of SAP liveCache database instances are read only once during startup. This means that the configuration file cannot be dynamically modified. How ever, \n",
      "HotStandby nodes can be added if the master is running. The default master (by convention HS_NODE_001) and the official node name used by all clients are added.\n",
      "OFFICIAL_NODE  Official node name used for client access to master node  \n",
      "    – recommended the host name used for the service IP alias.\n",
      "HS_STORAGE_DLL The name of the storage access library which implements \n",
      "    the HSS_API.\n",
      "HotStandbySyncInterval  Defines how often the master sends synchronization information \n",
      "    to the standby, instructing the standby to continue with log recovery. \n",
      "    The default value is 50 seconds.\n",
      "All other parameters are common, especially the volume names and sizes, the logical name of the \n",
      "database instance, and the cache size.\n",
      "Each instance will use the OFFICIAL_NODE for storing the official hostname in the SAP \n",
      "MaxDB system tables. The official hostname is shared over all instances. The matching local HS_NODE_NNN will be searched by using the output of uname –n on UNIX® systems. The SAP MaxDB runtime has an additional routine that allows the SAP MaxDB kernel to identify itself. This local node name must be a valid network name as it is used by the master instance to establish the synchronization channel to the standby instance.\n",
      "The OFFICIAL_NODE must not match any of the HS_NODE_NNN entries (this is the IP \n",
      "Alias used for the service address and therefore cannot be bound to a node).\n",
      "Each HS_NODE_NNN must be unique and assigned to a separate machine (in this solution, \n",
      "there is a single standby server  and so there are three IP addresses: the master, the standby, and the IP Alias). Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 71Example taken from kernel output on the HotStandby cluster:\n",
      "HotStandbyNodeName001=IS03D11HotStandbyNodeName002=IS04D11 HotStandbyStorageDLLPath=libHSSibm2145 HotStandbySyncInterval=50 HS_NODE_001=IS03D11 HS_STORAGE_DLL=libHSSibm2145 HS_SYNC_INTERVAL=50 OFFICIAL_NODE=LCHLCIP\n",
      "The names with uppercase letters are old parameter names used prior version 7.7. The old names\n",
      "can still be used for compatibility reasons.\n",
      " HS_NODE_00n = HotStandbyNodeName00n\n",
      " HS_STORAGE_DLL = HotStandbyStorageDLLPath HS_SYNC_INTERVAL = HotStandbySyncInterval\n",
      "Below are some of the commands that can be used at DBMCLI level to defi  ne the HotStandby.\n",
      "The SAP GUI database manager tool can be used to implement the HotStandby setup directly aswell.\n",
      "Figure7.6.1.2: HotStandby Commands\n",
      "See chapter 9.1 „Related documents and sources of further information” for more detailson Hot Standby commands. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 727.6.2 Supported SAP liveCache and SAP SCM versions\n",
      "HotStandby support for SAP MaxDB/SAP liveCache began with version 7.5. Information on \n",
      "SAP liveCache versions belonging to certain SAP SCM versions can be found at  \n",
      "https://service.sap.com/pam.\n",
      " SCM 4.0 p SAP liveCache 7.5 SCM 4.1 p SAP liveCache 7.5     \n",
      " SCM 5.0 p SAP liveCache 7.6 SCM 5.1 p SAP liveCache 7.7\n",
      " SCM 7.0 p SAP liveCache 7.7\n",
      "7.6.3 SAP liveCache and SAP APO transaction LC10\n",
      "The position of SAP liveCache in an SAP SCM system, rather than as a SAP MaxDB database \n",
      "introduces some additional complexity for the failover cluster solution. liveCache is controlled from the SAP APO transaction LC10.\n",
      "From this transaction it is started, stopped, and initialized. These activities also trigger reports in the SAP APO system which release temporary locks in the SAP liveCache and perform other cleanup/syn -\n",
      "chronization activities. It is therefore not recommended to start a SAP liveCache instance from the  cluster without knowing the status it is expected to be in from the view of application. The cluster is \n",
      " required to maintain some knowledge of the application status – whether it is in status started or stopped.\n",
      "SAP APO does provide a type of user exit or hook in the routine which starts and stops SAP \n",
      "liveCache. The trigger is the existence of the script, lccluster. If this script is available, informa-tion on the action being executed by SAP APO is passed to the cluster through execution of this script. If no script exists, then the cluster is not informed.\n",
      "The lccluster script is expected in the dependent program path. As of SAP liveCache 7.5 and \n",
      " higher, this is called the installation path. So the SAP APO administration mechanism control -\n",
      "ling SAP liveCache searches and uses the following script:\n",
      " <InstallationPath>/sap/lccluster\n",
      "If the script is not found at this location, it is assumed that this is not a HotStandby and no linka -\n",
      "ge is made with the cluster support.SAP recommends using the installation path /sapdb/<SID>/db. Normally, if you install SAP \n",
      "MaxDB with SAP tools, this will be the default path set during the installation process.\n",
      "7.6.4 Overview of the solution and support\n",
      "The implementation of HotStandby supported by IBM System Storage is based on IBM flash copy functionality. Full FlashCopy with FC consistency groups is used to generate the consistent split mirror of multiple volumes. The initiation of a FlashCopy mirror creates a logical FlashCo -\n",
      "py within seconds, which is independent and can be used in read/write mode. The actual copy of the data takes place in the background. The freshly initiated copy can be seen as something simi -\n",
      "lar to a paging space – pages that are being accessed are made available immediately and updates are done directly to the new copy.  As a result, the HotStandby can be activated in seconds. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 73The actual full data copy will complete later, and the duration for this can be in minutes or hours \n",
      "depending on the server type, the speed set for the copy, the amount of data, and the layout of the data on the logical disks (whether serial or parallel FlashCopy paths are used). This activity is asynchronous and transparent to the new HotStandby.\n",
      "If the standby has been offl  ine for some time and the copy of its data is no longer compatible \n",
      "with the current online log, the SAP liveCache will reinitiate the FlashCopy and refresh the standby servers’ data.\n",
      "SAP l iveCache\n",
      "PrimarySAP l iveCache\n",
      "HotStandby\n",
      "Integration SAP LC to IBM \n",
      "storage: PowerHAsharedlib\n",
      "LC HotStandb ySolution basedon storagelevel\n",
      "librariesand controlledbyclusterSAP live\n",
      "Cache Log\n",
      "SAP\n",
      "liveCache SSAP\n",
      "liveCache P\n",
      "Rotatingrecoveryvia \n",
      "FlashCopyCluster ManagedRotatingIP Service Address\n",
      "Figure 7.6.4.1: Overview of HotStandby with FlashCopy\n",
      "In the case of a failure, where the standby has become primary, it will reverse the FlashCopy direction to bring the failed ex-primary back online as standby as soon as it becomes available. So the FC can fl  ow in both the directions. A standby going online will check the state of its data and if the data is stale, will request a new FlashCopy. This FlashCopy will take place between disk pairs that are currently accessible and being accessed from both the servers. The standby will have its volumes open to check for data consistency. The log will need to access the data to check its status, and the primary will be accessing its copy of the data as it is operationally online. For this reason, the data disks are raw disks, or raw logical volumes (without fi  le systems).The concurrently active log is also a raw device as this is being written by one server and read by the other simultaneously.\n",
      "The shared library must be installed in the search path as indicated in fi  gure 7.6.5.1 to make it \n",
      "available to SAP liveCache. The other paths are default installation paths that are documented here for reference. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 747.6.5  liveCache HotStandby with IBM Storage\n",
      "The integration of SAP liveCache with the IBM storage servers supports the IBM System Sto -\n",
      "rage DS8000, IBM Storewize V7000, and the SAN Volume Controller. The SAN Volume Con-\n",
      "troller is a storage virtualization solution, such that below the SAN Volume Controller level, any SAN storage can be used. \n",
      "Figure 7.6.5.1 shows the components of the solution. The libHSS<type> is the actual shared lib -\n",
      "rary which IBM developed for the API provided by SAP . This library will be available as a feature \n",
      "of IBM AIX PowerHA, which also provides the necessary cluster management. The solution package includes storage connectors which are scripts that interface the library to the specific storage server API.\n",
      "SAP li veCach e\n",
      "libHSS SAP API     \n",
      "IBM s torage library\n",
      "Storage C onnectors\n",
      "OS access to storag eliveCache Database Server\n",
      "SAP/IBM shared library\n",
      "<Independent_program_path>/lib/lib64/libHSSibm<type>so \n",
      "(Example: <Type> = 2145 = SVC  )\n",
      "IBM storage conn ector sc rips and conf iguration file\n",
      "Scripts: /opt/ibm/ibmsap/connectors/H SS<type>\n",
      "Config:/opt/ibm/ibmsap/<LC SI D>/RTEHSS_config.txt\n",
      "Storage depenentaccess to sto rage API \n",
      "Exampl e: SVC v ia secure shell\n",
      "Storage Ser ver \n",
      "FunctionalityStorage  Server Fun ction ality via APISAP\n",
      "SAP/IBM \n",
      "Integra tion\n",
      "IBM\n",
      "Figure 7.6.5.1: Overview of solution components\n",
      "The shared library must be installed in the search path as indicated in figure 7.6.5.1 to make it available to SAP liveCache. The other paths are default installation paths that are documented here for reference.\n",
      "7.6.6  The solution on virtualization\n",
      "HotStandby can be implemented using directly attached storage, as well as through virtualiza -\n",
      "tion in PowerVM. The VIOS provides a virtualization layer for the I/O hardware, allowing the LPARs to share the adapters and I/O paths. This is described in detail in section 7.2. The major benefit for the HA implementation is that redundant I/O paths can be created inexpensively as the components are shared by all the LPARs. Virtual I/O is also a prerequisite for LPM (Live partition mobility) which extends the availability options of the solution. An LPAR can be moved from one machine to another to allow for planned maintenance without disruption to the appli -\n",
      "cation. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 75liveCache liveCache liveCache liveCache liveCache liveCache liveCache liveCache\n",
      "RESTARTcontinousCluster DataAfter\n",
      "ImagesPrimary BackupIP SWITCHRECONNECT\n",
      "StorageSystemCluster DataAfter\n",
      "ImagesPrimary Backup\n",
      "continous\n",
      "RESTARTIP SWITCHRECONNECTApplication Application\n",
      "Archive\n",
      "LogData Data\n",
      "SVC Storage VirtualizationPowerVMVIOS\n",
      "Storage Server  LUNs  \n",
      "Figure 7.6.6.1: Implementation of virtualization layers\n",
      "The diagrams in fi  gure 7.6.6.1 show the original design with directly-attached storage and map \n",
      "this to virtualization. In the proof of concept, two levels of virtualization were used in order to ensure that the most-fl  exible solution was also feasible. In this case, virtual I/O functionality of the server (VIOS) provides the virtualization of the server I/O paths, and the SAN Volume Cont-roller provides the virtualization of the storage. \n",
      "The integration solution depends on the library being able to issue storage function calls to the \n",
      "storage server through the storage API. The connectors do this, and in order to do this, there must be a network connectivity between the LPARs on which the HotStandby solution is run-ning, and the storage server for FlashCopy services. In the example in fi  gure 7.6.6.1 (right), com-munication paths must exist between the SAN Volume Controller, which provides the FlashCopy services for downstream devices, and the SAP liveCache LPARs. The access is through secure shell communication and is described in section 7.7.9 ”SSH authorization from HotStandby to SAN Volume Controller”.\n",
      "The SAN Volume Controller also provides the wherewithal to mirror the mission-critical data \n",
      "across storage servers. With mirrored storage, the application can survive the loss of a complete storage server without interruption.\n",
      " Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 76SAP l iveCache\n",
      "PrimarySAP l iveCache\n",
      "StandbySAP A PO AppServers\n",
      "SAP\n",
      "liveCache P\n",
      "SAP\n",
      "liveCache PSAP\n",
      "liveCache PSAP\n",
      "liveCache S\n",
      "SAP\n",
      "liveCache S\n",
      "SAP\n",
      "liveCache SSAP live\n",
      "Cache Log\n",
      "SAP live\n",
      "Cache LogSAP live\n",
      "Cache LogSVC\n",
      "Any SA N 2 Any SA N 1PowerHACluster\n",
      "FC Pair\n",
      "Figure 7.6.6.2: SAP liveCache with HotStandby with SVC mirrored storage\n",
      "This is a signifi  cant benefi  t for mission critical systems. The fl  exibility of the virtualization layer \n",
      "in the SVC also makes it easy to provide a non interruptive storage system migration. The volu-mes can be moved from one storage pool to another (from one physical server to another) wit-hout breaking the FlashCopy relationship or disturbing the cluster solution. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 777.7\t Design\tof\tthe\tPowerHA\tCluster\tfor\tSAP\tliveCache\tHotStandby\n",
      "This example shows the design for PowerHA version 7.1. This design will be revisited for any \n",
      "changes coming from the PowerHA version offering SmartAssist support for the HotStandby solution.\n",
      "Back\n",
      "Boneen1WAN\n",
      "Client\n",
      "en0SAP Rout er\n",
      "NFS serversapgu\n",
      "NFS FS\n",
      "/sapmnt/<SID>\n",
      "/usr/sap/trans\n",
      "/archivelogsFCA  (virt.)\n",
      "WAN\n",
      "Development & \n",
      "Main tenanceHACMP 7.1\n",
      "Broadcast HBi\n",
      "Back\n",
      "BoneNFS Broadcast HBSAP li veCache\n",
      "Log Synch\n",
      "Communication\n",
      "NFS     NFS server\n",
      "Sapu i via saprouter\n",
      "SAP liveCacheService IP Alias\n",
      "Concurrent I/ONFS server\n",
      "TSM server\n",
      "Broadcast HBBroadcast HB\n",
      "Concurrent I/O\n",
      "PrimaryHost A\n",
      "FC connectivity (virt.)ETH connectivity (virt.)en0\n",
      "Host B\n",
      "FC connectivity (virt.)\n",
      "ETH connectivity (virt.)\n",
      "en1\n",
      "StandbyHACMP HACMP\n",
      "SAP\n",
      "liveCacheSAP\n",
      "liveCache\n",
      "SAP live Cache\n",
      "SAP live Cache SAP live CacheLog\n",
      "CAA\n",
      "RepositoryNPIV*1/sapdb /sapdb\n",
      "*1 –access  path must be identical on \n",
      "both  sides –either both  NPIV or both  \n",
      "vSCSI\n",
      "Figure 7.7.1: Overview of proof of concept cluster implementation.\n",
      "PowerHA 7.1 differences:\n",
      "• Move from heat-beat disk to combined repository and heart-beat functionality.\n",
      "• Move from persistent boot addresses to the user of multicast I/O for heart-beatbroadcast. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 78Definition of infrastructure and service in SAP liveCache cluster design\n",
      "The PowerHA design for SAP liveCache separates the application as a service under control of \n",
      "the corresponding SAP APO and the required infrastructure as seen from PowerHA. The inf -\n",
      "rastructure consists of the resources combined into the resource groups which need to be made available as pre-requisites for SAP APO to be able to start the SAP liveCache as a service. The SAP liveCache as a service is started and stopped by SAP APO. The reason for this differentiati -\n",
      "on is the need for SAP APO to administer the SAP liveCache and keep synchronization between SAP APO and SAP liveCache.\n",
      "• Infrastructure: Refers to the resources brought online by starting the cluster in preparation for SAP APO to start the service. It includes volume groups, service IP , application monitors and x_server.\n",
      "• Service: Refers to the online SAP liveCache service as an active database, whether the SAP liveCache is online or offline according to the actions taken by the SAP APO adminis -\n",
      "trator.\n",
      "This separation of power results in the following two categories of control:\n",
      "• Administrative cluster tasks such as starting, stopping, and moving the service provided by SAP liveCache and its required infrastructure.\n",
      "• Failures of SAP liveCache as a service and/or failure of the server nodes that result in the automatic recovery provided through the implemented cluster.\n",
      "High-availability considerations for network and storage related components are covered by the infrastructure design. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 79Cluster design – PowerHA\n",
      "Figure 7.7.2 shows the PowerHA resource groups used to support the SAP liveCache cluster \n",
      "design. The configuration consists of three resource groups.\n",
      "• RG_LC – this resource group is online on both nodes and contains the shared SAP liveCache log volume group. It must be brought online by PowerHA as it relies on the cluster functionality for concurrent access. Note: The data volumes are brought online on each node automatically at OS level as they require no special treatment.\n",
      "• RG_LC_MASTER – this resource group consists of the IP-Alias used as the service address for SAP liveCache and the master application monitor. This resource group is only active on one of the nodes at any time.\n",
      "• RG_LC_SLAVE – this resource group consists of the slave application monitor. It is only active on one node at any time different to the RG_LC_MASTER. \n",
      "The primary server is represented by the resource group, RG_LC_MASTER. This resource group is active on one node or the other – never on both. It contains the IP alias used by the ap -\n",
      "plication to access SAP liveCache. The IP- alias and the master monitor are rotating resources. \n",
      "Both the standby (slave) and the master have application monitors. The monitors have different \n",
      "actions depending on the role of the application that they are monitoring. The master monitor attempts to keep the SAP liveCache in the ONLINE status, whereas the slave monitor tries to maintain an instance in the standby mode if a start request from SAP APO allowed the service to be started.\n",
      "LC IP-ALIASMaster MonitorStatus: rg_lc_master online\n",
      "Status: rg_lc onlineRaw\n",
      "Logvg\n",
      "Host ASlave MonitorStatus: rg_lc_slave online\n",
      "Host BStatus: rg_lc onlineRaw\n",
      "Logvg\n",
      "Fig 7.7.2: Overview of the PowerHA resource groups Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 80In general, during a takeover, the slave monitor on the standby side is replaced with the master \n",
      "monitor and the IP alias resource is moved to the node assuming the master mode. Action is then triggered to change the SAP liveCache instance status from STANDBY to ONLINE while both the resource groups are tried to be kept in the cluster related state ONLINE.\n",
      "View of resource groups in an active clusterThe clRGinfo command displays the status of the resource group infrastructure. This does \n",
      "not mean that the SAP liveCache service is online as this depends on the SAP APO application status. The cluster differentiates between the starting of the cluster, and the starting of the SAP liveCache service. The active cluster and the online resource groups are the prerequisite for star-ting the SAP liveCache service.\n",
      " # clRGinfo\n",
      " ------------------------------------------------ Group name  Group state Node ------------------------------------------------ rg_lc_hlc  ONLINE is03d11    ONLINE is04d11\n",
      " rg_lc_hlc_master ONLINE is03d11\n",
      "    OFFLINE is04d11\n",
      " rg_lc_hlc_slave ONLINE is04d11\n",
      "    OFFLINE is03d11\n",
      "NFS shared repository for status information\n",
      "Host A Host Bnode A node B\n",
      "shared\n",
      "(log volume(s))Loca l \n",
      "(rootvg)Loca l \n",
      "(sapdbv g)Loca l \n",
      "(rootvg)Loca l \n",
      "(sapdbv g)\n",
      "FlashCopy\n",
      "(data volume(s))FlashCopy\n",
      "(data volume(s))NFS shared \n",
      "lock directoryHA NFS server\n",
      "Figure 7.7.3: Overview of the storage components Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 81The implementation design also requires a reliable NFS location for control information which \n",
      "influences the behavior of the cluster. The location of this lock directory is one of the configu -\n",
      "ration parameters in the cluster configuration file. The shared lock directory is used for both synchronization between the cluster and SAP APO, and the synchronization of the application monitors within the cluster.\n",
      "SAP liveCache service\n",
      "The responsibility for the status of the SAP liveCache database service is with the application. SAP liveCache is a component of SAP APO and integrated into the transaction LC10. From this transaction, the status of SAP liveCache is controlled. It is started, stopped, and initialized. These actions can lead to synchronization actions within the SAP APO application itself which are important for data consistency. For this reason, the cluster does not have the logical authority \n",
      "to start and stop SAP liveCache as a service according to the state of the cluster. The cluster must \n",
      "retain knowledge of the status of SAP liveCache as set by the application and manage the cluster \n",
      "activities accordingly. \n",
      "SAP APO provides a hook in the path from LC10 to SAP liveCache that can be used to provide \n",
      "information on the ongoing action to the cluster. This is implemented through the presence of the script, lccluster.\n",
      "LC IP-Alias\n",
      "Status: rg_lc_master online\n",
      "Status: rg_lc onlinelcclusterLC10\n",
      "lccluster\n",
      "Master Monitor\n",
      "Status: rg_lc_slave online\n",
      "Status: rg_lc onlineSlave MonitorLC10: \n",
      "StatusSAP APO\n",
      "LC IP-Alias\n",
      "Status: rg_lc_master online\n",
      "Status: rg_lc onlinelcclusterLC10\n",
      "Primarylccluster\n",
      "StandbyMaster Monitor\n",
      "Status: rg_lc_slave online\n",
      "Status: rg_lc onlineSlave MonitorLC10: \n",
      "Status\n",
      "Figure 7.7.4: SAP APO control of SAP liveCache service\n",
      "The PowerHA cluster uses this script hook to receive and maintain status information on the sta -\n",
      "tus expected by the application. When the cluster is started, this information is consulted (yellow line) and depending on the expected status, the monitors are set to active, passive, or deactivate and the SAP liveCache is brought online or not, according to the status of the last SAP APO request. The SAP APO request status is maintained in an NFS file shared by both the nodes and need to be high available. It is referred to as the lock directory later. The read/write access to this data is indicated by the yellow path. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 82Overview of implementation scripts\n",
      "This section is provided for an understanding of the logic behind the cluster scripts. These scripts are provided by the solution and no customizing is required, beyond that done for the instance profile which is described in the implementation section. \n",
      "Figure 7.7.5 shows the logic used by the cluster to ensure obedience to the applications  \n",
      "expectation.\n",
      "starting stopping\n",
      "LC10 starts\n",
      "primaryLC \n",
      "DBrequest\n",
      "Error or\n",
      "Undefined\n",
      "status\n",
      "ok\n",
      "okLC10 stops\n",
      "primaryLC \n",
      "DB\n",
      "Action performedon ok:\n",
      "WriteLC10.start, thendeleteLC10.stop\n",
      "Activatehot standbyon remotenodeusing\n",
      "functionin LCutil: lc_st art_slave_remoteAction performedon ok:\n",
      "Stop slaveresourcegroupon remotenode. Action performed on error:\n",
      "Write error log message.\n",
      "Do nothing elseLC10\n",
      "exit0\n",
      "exit0exit1 Action performedon req:\n",
      "-Action performedon req:\n",
      "WriteLC10.stop, thendeleteLC10.start\n",
      "Figure 7.7.5 SAP APO to cluster control flow\n",
      "The lccluster script is called by the SAP APO application one time at the beginning of an action, indicating what the intention or the request is, and again after the action, indicating the result. The cluster reacts only to the request or intent, and enters either the silent – not active – or acti -\n",
      "ve monitoring status. The lock directory can be empty what is treated as a stop or contains either LC10.stop or LC10.start message.\n",
      "In case of a start request, SAP APO starts the master itself and the cluster arms the master run -\n",
      "time monitor. If the first attempt to bring SAP liveCache online fails the application runtime \n",
      "monitor will take over. The application monitor will drive the activities of the cluster to activate a primary SAP liveCache either on the current node or invoke a failover. Finally, the standby instance is started as well by the lccluster script. This instance will be monitored thereafter by the standby runtime monitor. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 837.7.1 Starting the SAP liveCache Cluster under SAP APO control\n",
      "The diagrams in this section show the logic used by the cluster to start the SAP liveCache service \n",
      "for the master and the standby instance. T o fulfill special needs of the SAP liveCache application, the logic needs to maintain state of the SAP liveCache as set by the SAP APO application to determine whether the service should be started or not. For the master’s monitors, a special logic was implemented which also maintains both application and monitor states. The monitor status and the application status are maintained in the lock directory. The location of the lock directory is configured in the central configuration file which is introduced in section 7.7.6. The monitor states are described in the next section. This section focuses on the application state.\n",
      "If the cluster is being restarted, the administrator may need to reset the lock status to achieve the \n",
      "action that is wanted. The cluster will start the SAP liveCache service depending on the status of the LC10 information it finds in the lock directory. The LC10 status can be either LC10.start or LC10.stop. The MONITOR state is expected to be maintained entirely by the monitor logic and cleaned up during cluster start, so no monitor data will normally be present after the startup. The SAP APO LC10 status, on the other hand, is the result of the last application request. If the -\n",
      "re is no LC10 status information, the application assumes no start request from the application has been received and will not start the SAP liveCache database instance. The SAP liveCache database instance is only started if the LC10 status is LC10.start.\n",
      "Cluster control hook for the APO:\n",
      "The script lccluster is used to give APO full control of starting/stopping liveCache. It is activated both starting and stopping liveCache and carries out the following logical sequences according to activity.\n",
      "Startup Sequence\n",
      "Step 1 request:\n",
      "In the picture the box for request the cluster to get prepared – marked with req) – is called, but no action is required. After the script has returned APO will start the MAS -\n",
      "TER instance. APO itself is not aware of the cluster and also not aware of an existing SLAVE. Therefore the lccluster script needs to give order to the cluster to handle the rest.\n",
      "Step 2 liveCache start completed successfully:\n",
      "Now the earlier mentioned lock LC10.start is set to activate the PowerHA application monitors and the standby is started.\n",
      "Stopping SequenceStep 1 request:\n",
      "On request lccluster deactivates the PowerHA application monitors by changing the lock information to LC10.stop. After the script has returned APO will stop the MASTER instance.\n",
      "Step 2 liveChache stop successfully: As a cleanup task the lccluster will stop the standby instance and then exit. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 84In order to enable the lccluster script for a specific instance for liveCache The SID and the direc -\n",
      "tory where the PowerHA start/stop scripts have been placed needs to be edited inside the lcclus -\n",
      "ter script:\n",
      " ##Configure\n",
      " typeset SID=“HL2“      # edit!\n",
      " typeset SAPHA_SCRIPT_DIR=“/usr/es/sbin/cluster/sap“ # edit!\n",
      "starting stopping\n",
      "LC10 starts \n",
      "primary LC \n",
      "DBrequest\n",
      "Error or \n",
      "Undefined \n",
      "status\n",
      "ok\n",
      "okLC10 stops \n",
      "primary LC \n",
      "DBstarting stopping\n",
      "LC10 starts \n",
      "primary LC \n",
      "DBrequest\n",
      "Error or \n",
      "Undefined \n",
      "status\n",
      "ok\n",
      "okLC10 stops \n",
      "primary LC \n",
      "DBAction performed on req:\n",
      "-Action performed on req:\n",
      "Write LC10.stop, then delete LC10.start\n",
      "Action performed on ok:\n",
      "Write LC10.start, then delete LC10.stop\n",
      "Activate hot standby on remote node using \n",
      "function in LCutil: lc_start_slave_remoteAction performed on ok:\n",
      "Stop slave resource group on remote node. Action performed on error:\n",
      "Write error log message.\n",
      "Do nothing elseexit 0exit 1 Action performed on req:\n",
      "-Action performed on req:\n",
      "Write LC10.stop, then delete LC10.start\n",
      "Action performed on ok:\n",
      "Write LC10.start, then delete LC10.stop\n",
      "Activate hot standby on remote node using \n",
      "function in LCutil: lc_start_slave_remoteAction performed on ok:\n",
      "Stop slave resource group on remote node. Action performed on error:\n",
      "Write error log message.\n",
      "Do nothing elseexit 0exit 1LC10LC10\n",
      "exit 0exit 0\n",
      "Figure 7.7.1.1 Logic of the lccluster script\n",
      "T o make the script cl_lc_start generic, two parameters are passed to the scripts which indicate the role and what behavior is expected: MASTER or SLAVE followed by the SID.The two logic flows – master and slave – of the script are executed when the cluster is started as part of the resource group initialization and later they are also used during a recovery or a move.\n",
      "The first action for both instances is to verify that the x_server (the SAP liveCache listener) is \n",
      "started. Without the x_server, it is not possible to communication with SAP liveCache.The application status, set by SAP APO, is then consulted to determine whether the cluster has or does not have the authority to start the service. This status is maintained by the cluster and referenced to determine what action it should take as the result of a cluster restart, or a cluster failover. If the status does not exist, the start script assumes that no application direction has been given by SAP APO and the service will not be started. The lock information will be initialized to LC10.stop. The script will prepare the cluster for a SAP liveCache startup request that will be expected to come later from the SAP APO administrator, via transaction LC10. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 857.7.2 Starting sequences of master\n",
      "cl_lc_start MASTER <SID> \n",
      " \n",
      "„Lock Directory / \n",
      "LC10.start \n",
      "exist Write LC10.stop if not written \n",
      "start vserver process  \n",
      "Exit 0 \n",
      "/lib/LCutil.lc_start_master \n",
      "starts the master DB accordingly to the returncode of „db_state\n",
      " \n",
      "Exit 0 write $LOCKFILE_DIR/MONIT OR.run success Start vserver process on all online nodes. Adjust MONIT OR.* lock information accordingly \n",
      "to RC_FOR_F AILED_MASTER_db_online  \n",
      "exit RC_FOR_F AILED_MASTER_db_online  OFFLINE)         bring database online if it fails return with ERROR to          make cl_lc_start exit accordingly to the customer  \n",
      "        configured variable RC_FOR_F AILED_MASTER_db_online \n",
      "        (default is exit 0 to always continue cluster processing) \n",
      "        sleep to give the database some time to startup and  \n",
      "        indicate a successfull start \n",
      "  STANDBY) \n",
      "       activate the standby database if it fails return with         ERROR to make cl_lc_start exit 1 \n",
      "       sleep to give the database some time to startup and  \n",
      "       indicate a successfull start \n",
      "   ONLINE)         check if Slave is running and synchronized on remote node (3 cases) \n",
      "        a) the SLA VE is running on remote host and connected to a master  \n",
      "             then nothing has to be changed and the cl_lc_start continues \n",
      "        b) the SLA VE is running on remote host and NOT  connected to a master  \n",
      "             start slave to connect it to the master and the cl_lc_start continues         c) NO SLA VE is running on remote host  \n",
      "              cl_lc_start will continue without a standby instance \n",
      "  not OFFLINE, ST ANDBY , ONLINE) \n",
      "     in case of an undefined start state an error is indicated to the startscript  \n",
      "     resulting in exit 1 Start local vserver calling \n",
      "lib/LCutil/lc_start_verver \n",
      "Figure 7.7.2.1 Flow logic for master instance startup\n",
      "The cluster start script is executed once for either a startup or a failover to activate the SAP \n",
      "liveCache master. If the initial startup of the master SAP liveCache fails on the current node, the-re are two possible actions – attempt a failover if the second node is active or stop with error. The choice of behavior is confi  gurable in the central confi  guration fi  le (RC_FOR_FAILED_MAS-TER_db_online). In some cases the customer might prefer to stop the cluster initialization and investigate the problem on the master server, in other cases the customer may wish the stand-by to takeover so that the application can come online while the failure on the master is being investigated. The consideration is that this recovery approach can lead to a ping-pong failover if neither of the servers can successfully start the master SAP liveCache. The default is set to con-tinue to try to bring the master online by means of a failover as long as there is a second server available.\n",
      "If the master is successfully started, the cluster looks at the status of the standby node and att-\n",
      "empts to start the standby. A standby SAP liveCache must be started via the master instance to start the ongoing synchronization communication between master and standby.  In case the master was not started successfully the default action is to update the monitor state information and return with success – this in essence completes the startup and does a handover to the runtime monitor. The application runtime monitor is activated every few seconds (confi  -gurable in PowerHA) so that after few seconds the application runtime monitor will detect the failure and initiate recovery. This default action is chosen if the confi  guration variable RC_FOR_FAILED_MASTER_db_online in the confi  guration fi  le is set to other than 1 ( setting of “1” indicates that the cluster should stop if the initial start of the master fails).  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 86Note: The master resource group itself is configured not to attempt a restart and never to fall \n",
      "back. In case we have only one node available, and the db_online fails on this node, the cluster will log an error situation and stop processing. It will not continue to try to bring up the mas -\n",
      "ter repeatedly on the same node. For this situation a notification method should be enabled to inform the administrator instantly that the SAP liveCache database cannot be brought online.\n",
      "For certain environments it could make sense to exit the start script with an error (return code \n",
      "=1). PowerHA reacts on this return code stopping further actions and wait for manual interaction rather than attempting further recovery. T o handle this, a notification method should be enabled in PowerHA to inform the administrator instantly. \n",
      "The background of $LOCKFILE_DIR/MONITOR.run is described later in this chapter. The \n",
      "configuration for the RC_FOR_FAILED_MASTER_db_online variable is discussed in section 7.7.2.\n",
      "The state transition diagram show the state changes between mas -\n",
      "ter and slave database status. If the action is the result of a failover of an active database, the db_state at failover will be standby and \n",
      "the database will be brought online as master. If this is an initial start, the status of the master database will be offline and the data-base will be brought online as master and the slave as standby. An online master instance is untouched. This logic is encapsulated in the library LCutil. The function lc_start_master performs the required actions to bring the database service online accordingly to the state it detects. \n",
      "Note: During a startup, these actions are only performed by the \n",
      "cluster when LC10.start indicator has been set by SAP APO. OFF \n",
      "LINE\n",
      "ON \n",
      "LINESTAND\n",
      "BY\n",
      "Figure 7.7.2.2: Database state transition\n",
      "In the case of a shutdown, if the cluster or a resource group is stopped or the application requests SAP liveCache shutdown, the database is also returned back to offline state. If the database ap-\n",
      "plication fails, SAP liveCache itself will return the instance to offline status.\n",
      "In cases other than when a running Master is detected, the Slave is started by it’s cluster logic. \n",
      "The components covering this are the application monitor and the resource group relationships defined between Master and Slave. If an ONLINE Master is detected, action is taken to ensure the Slave is correctly connected and communicating with the Master instance. In this case, the standby liveCache instance is brought online via the Master.\n",
      "As the final action of a successful startup, the script starts the vserver process on the local node \n",
      "enabling network access to the instance. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 877.7.3 Starting sequence of the slave \n",
      "In case of the node being the slave, the script (fi  gure 7.7.3.1) intentionally always returns with \n",
      "success in regards to cluster processing. This is necessary to continue with cluster processing otherwise the complete cluster processing will stop with error and will require manual recovery. This logic takes into consideration the fact that the slave may have failed, but the SAP liveCache can continue without a standby and therefore the cluster processing is not stopped. The slave monitor will attempt the recovery of the slave.\n",
      "cl_lc_start SLA VE <SID> \n",
      "LC10.start \n",
      "exist \n",
      "/lib/LCutil.lc_start_slave \n",
      "clean up old slave instance if necessary \n",
      "start the secondary DB from the primary DB \n",
      "exit 0 Check: host runs  \n",
      "a slave which is  \n",
      "already \n",
      "registered  \n",
      "and working Write log entry /lib/LCutil.lc_start_slave  \n",
      "Detect running  \n",
      "primary DB on other node  Message – slave will not be  \n",
      "started without a running master or a running db on this node \n",
      "exit 0 Start vserver on all online nodes \n",
      "exit 0 \n",
      "Write ERROR log entry success Check:  \n",
      "Service IP  online \n",
      "on this node Message – slave will not be  \n",
      "started. Found Service IP  for a MASTER instance.  \n",
      "exit 0 Start vserver on this node \n",
      "Figure 7.7.3.1: Overview of the monitor state logic Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 887.7.4 Stopping  and cleanup of the SAP liveCache service cluster\n",
      "CL_LC_STOP\n",
      "cl_lc_stop MASTER <SID> \n",
      "/lib/LCutil.lc_stop_instance \n",
      "$LCBIN/dbmcli -d $SID -u \n",
      "$CONTROL_LOGIN db_of fline \n",
      "Exit 0 cl_lc_stop SLA VE <SID> \n",
      "Stop x_server process locally . \n",
      "Exit 0 \n",
      "Figure 7.7.4.1: Logic of the stop script\n",
      "The stop script (fi  gure 7.7.4.1) – which is also used with parameters to handle slave and master \n",
      "instances – is used in failover recovery and cluster shutdown. A failing master is taken offl  ine whereas the standby is left in standby status to complete any open failover transitions. If the standby were to be taken offl  ine, the data cache memory structure would be deactivated and would need to be rebuilt on restart. The objective is to avoid this overhead when transitioning the standby to master status. The standby should simply change status and assume the role of the master SAP liveCache. The cleanup of slave instances is done when starting a slave and in the cl_lc_clean script.\n",
      "CL_LC_CLEAN\n",
      "cl_lc_clean ST ART <SID> \n",
      "/lib/LCutil. lc_stop_instance \n",
      "Stop the standby instance Exit 0 cl_lc_clean ST OP <SID> \n",
      "Active \n",
      "stanby \n",
      "DB /lib/LCutil. lc_check_db_active Start x_server \n",
      " cleanup MONIT OR.* lock information.  \n",
      "Figure 7.7.4.2: Logic of the clean up script\n",
      "The clean script (fi  gure 7.7.4.2) is used to reset the cluster status during a shutdown of the cluster. \n",
      "The clean up script is driven by the log resource group. If the log_volume is being taken offl  ine, the slave will have to be stopped.  The slave resource group does not take any clean up action (by de-sign), but relies on the cleanup of the prerequisite resource group (the log) to ensure the consistent clean up of the service. This avoids any type of erroneous recovery attempt being triggered.\n",
      "At cluster startup, this script ensures that x_server process is online and the lock directory is cleaned. \n",
      "This script is used both for a resource group shutdown and start up with different actions and there-fore it is parameterized with “STOP <SID>” for shutdown, and “START <SID>” for start up. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 897.7.5 Overview of script structure\n",
      "Figure 7.7.5.1 shows an overview of the script structure and the confi  guration fi  le used by the \n",
      "cluster. These are usually located in the /usr/es/sbin/cluster/sap directory. The library is a group of general routines which are made available to the individual application scripts. The application scripts are those which are confi  gured in PowerHA as application servers and monitors of the resource groups. The sapha_env links the confi  guration fi  le sapha_<SID>.cfg and the libraries into the start, stop and monitor scripts along with other environment settings which are globally referenced. The sapha_<SID>.cfg confi  guration fi  le is used to adapt all the scripts accordingly to the SAP instance type, SID name, and other control setting from a single central reference.\n",
      "static codeLCutil\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instance\n",
      "cl_lc_clean\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancesapha_<SID>.cfg\n",
      "•SAP Instancenamesand numbers\n",
      "•SAP directories\n",
      "•SAP Functions\n",
      "•TimoutValues\n",
      "•…\n",
      "cl_sap_stop\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_sap_monitor\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_sap_start\n",
      "•Param: INSTANCE, SID\n",
      "•Starts SAP Instancecl_lc_stop\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_lc_monitor\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_lc_start\n",
      "•Param: INSTANCE, SID\n",
      "•Starts SAP Instancecl_<db>_stop\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_<db>_monitor\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_<db>_start\n",
      "•Param: INSTANCE, SID\n",
      "•Starts SAP Instance<DB>util\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP InstanceSAPutil\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instanceutil\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancelog\n",
      "•Writestandardizedlog   \n",
      "files\n",
      "Scripts to beconfiguredin theapplicationmonitorsfortheressourcegroupsLibraryLCutil\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instance\n",
      "cl_lc_clean\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_sap_stop\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_sap_monitor\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_sap_start\n",
      "•Param: INSTANCE, SID\n",
      "•Starts SAP Instancecl_lc_stop\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_lc_monitor\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_lc_start\n",
      "•Param: INSTANCE, SID\n",
      "•Starts SAP Instancecl_<db>_stop\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_<db>_monitor\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancecl_<db>_start\n",
      "•Param: INSTANCE, SID\n",
      "•Starts SAP Instance<DB>util\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP InstanceSAPutil\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instanceutil\n",
      "•Param: INSTANCE, SI \n",
      "•Starts SAP Instancelog\n",
      "•Writestandardizedlog   \n",
      "files\n",
      "Scripts to beconfiguredin theapplicationmonitorsfortheressourcegroupsLibraryCentral \n",
      "adap tionfor\n",
      "instancesand SIDssapha_<SID>.cfg\n",
      "•SAP Instancenamesand numbers\n",
      "•SAP directories\n",
      "•SAP functions\n",
      "•TimoutValues\n",
      "•…\n",
      "sapha_env\n",
      "•CreateLogginginfrastructure\n",
      "•Loadlibraryas required\n",
      "•Set Path\n",
      "Figure 7.7.5.1: Structure of PowerHA scripts\n",
      "7.7.6 Monitor logic and the monitor states\n",
      "This section is provided for reference only. It describes the logic used for the master‘s application monitors. The solution provided here was done for PowerHA 7.1 and may well be implemented differently in the offi  cial PowerHA version. \n",
      "PowerHA provides a structure that drives the application monitor scripts according to specifi  c \n",
      "events which it monitors at low level (such as infrastructure failures) or according to confi  gu-red settings.  The scripts which support the application do not communicate with each other in any direct control fl  ow and these scripts are also invoked as stateless. For a complex application  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 90 sequence such as a HotStandby, this statelessness can lead to some unpredictable behavior as re -\n",
      "sult of pure circumstantial timing. T o counter this, a design has been implemented which provi-\n",
      "des state information across iterations of the status monitor so that it is possible to determine the first iteration from consequent iterations. A synchronization status is also implemented between the startup script and the runtime monitor.\n",
      "In the design for PowerHA 7.1 both a startup and a runtime monitor are implemented. There \n",
      "were three determining reasons which lead to this solution:\n",
      "1) Before the start script is called, PowerHA 7.1 uses the highest priority monitor to va -\n",
      "lidate that the application is not already started. If no startup monitor is available, the runtime monitor is used for this purpose as well. This would increase the complexity of the runtime monitor as it would need to cope for both roles.\n",
      "2) PowerHA 7.1 starts the runtime monitor in parallel with the start script which can lead to a race condition if the runtime monitor begins looking at the database status while the start script is still bringing it online.\n",
      "3) T o avoid the race condition, the runtime monitor could be purposely delayed to give the start script sufficient time to complete, which would then mean its reaction time to a failure would also be delayed. As the startup time for the application can vary considerably, dependent on the necessary actions, the monitor delay would need to be generous. As the recovery time of the SAP liveCache is critical for the overall applica -\n",
      "tion this time must be minimized and therefore a long delay in the runtime monitor was not acceptable.\n",
      "Start-up MonitorIf a single monitor is used, it will need to behave differently during the initial check, during start up, and during runtime. The first iteration determines whether the application is running and must return a negative (error RC) in order to trigger the startup. After the initial check, an error return code will trigger a failover. As the monitor is stateless, this provides a challenge.\n",
      "The design implemented ensures the following: \n",
      "1) \n",
      "The startup monitor is used for the initial check before the start script is called and always \n",
      "returns with RC of “1” to ensure the start script is called. Return code of 1 indicates to PowerHA that the application is not started and therefore the start script is triggered.\n",
      "2) The startup monitor gives the application some time to begin the start up and to get past the state of OFFLINE into one of the transient states or even to complete the start up and achieve the ONLINE status. Then it hands over to the runtime monitor by exiting with RC=” 0”. Return code “0” tells PowerHA that the startup was success -\n",
      "ful and that the runtime monitor can now take over. The startup monitor only runs for a startup or at failover. Once the startup sequence is completed, the runtime monitor begins cyclic monitoring for a failure situation.\n",
      "3) Starting the runtime monitor early minimizes the delay in starting the runtime moni -\n",
      "tor as soon as the application is ready. This improves the reaction time to any failure.  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 91The startup monitor uses a monitor status to differentiate between the initial iteration and any \n",
      "subsequent iteration. In the proof of concept, only two iterations were necessary – one to trigger the startup script and one to hand over to the runtime monitor. \n",
      "This design simplifies the behavior of the monitors. Not arming the runtime monitor before \n",
      "the start script returns avoids false failovers and this is covered by the handover approach. This approach is covered next.\n",
      "7.7.7 Handover and synchronization between monitor and startup\n",
      "Due to the design of PowerHA, which starts the runtime monitor in parallel with the startup script, a synchronization mechanism has been established between the startup monitor and the runtime monitor to avoid a race condition and to protect the start sequence. The lock is main -\n",
      "tained along with the LC10 lock in the shared repository (specified in the configuration script variable $LOCKFILE_DIR). The following picture will outline the state change of the lock.\n",
      "The start up script (cl_lc_start for a master instance), and both monitors for the master \n",
      "( cl_lc_startupmonitor, cl_lc_monitor) and the  start time cleanup script (cl_lc_clean START) react to and alter the synchronization states depicted in figure 7.7.7.1. In this figure, the final state depicted  is actually a transitory situation and not an actual state. If the startup status of the application itself in successful and the database is online, then either of the states (runtime or run) can directly transition to the online status.  This will only be done by the master runtime monitor. This action is described in the script logic below.\n",
      "-\n",
      "MONIT OR\n",
      ".startup\n",
      "MONIT OR.\n",
      "runtime-\n",
      "MONIT OR\n",
      ".run\n",
      "MONIT OR.\n",
      "runtime\n",
      "run\n",
      "Figure 7.7.7.1: Monitor state transition Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 92cl_lc_clean START:\n",
      "when the cluster is restarted, it needs to be ensured that any previous lock information is cleaned up. The clean up script is invoked as one of the first activities in the startup sequence and it resets all monitor status. This reset is depicted by the dotted line in figure 7.7.7.1.\n",
      "cl_lc_startupmonitor:\n",
      "This monitor is called exactly two times by PowerHA processing. The first time it is called it sets the MONITOR.startup state in order to know it has already been called once. \n",
      "The second time it changes the status from MONITOR.startup to MONITOR.runtime. Mo -\n",
      "nitor runtime is information intended for the runtime monitor to inform it that the startup \n",
      "sequence may still be in progress. After these two iterations, the startup monitor returns “0” to PowerHA which signals PowerHA that it can start the runtime monitor. The runtime monitor (cl_lc_monitor) will run periodically from now on as long the cluster does not move the resource group. This monitor is the only consumer of the state startup, which differentiates the first from the second iteration.\n",
      "cl_lc_start MASTER:\n",
      "This script is triggered by PowerHA after the first iteration of the startup monitor. When the db_online command returned with success (representing an ONLINE master SAP liveCache instance) it sets MONITOR.run just before exiting back to PowerHA. If the  db_online re -\n",
      "quest fails, there are two options on how to proceed. The option selected is determined by the configuration of the variable  RC_FOR_FAILED_MASTER_db_online. The default case for RC_FOR_FAILED_MASTER_db_online = 0. This would result in the script setting the state to MONITOR.run and exiting with RC=0. In this case it is left to the runtime monitor to discover an error status – a monitor status of RUN but no online database. \n",
      "The second option, resulting from  RC_FOR_FAILED_MASTER_db_online = 1,  is to reset the \n",
      "state and remove all locks and exit with a failure. This script does not consume any lock informa -\n",
      "tion it only sets the state to RUN or cleans up all status as part of failure.\n",
      "cl_lc_monitor MASTER:\n",
      "This is the cyclic runtime monitor. As  soon as the runtime monitor encounters the status of MONITOR.run, indicating that the startup sequence is completed, it removes all remaining lock status and normal monitoring is enabled. In case only MONITOR.runtime is found, indicating the start sequence may still be in progress, it checks the status of the database and if the databa -\n",
      "se is online, it can proceed to clean up and enable normal monitoring. If any other DB state is found, it assumes the startup sequence is still in progress and takes no further action.This monitor is the only consumer of the states run and runtime.\n",
      "The following picture shows the call sequence of the scripts, the state relevance for the scripts, \n",
      "and the action taken by PowerHA as a result of the return codes in a bit more detail. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 937.7.8 Logic of the monitor synchronization\n",
      "- startup\n",
      "runtimeRC=1\n",
      "RC0\n",
      "RC1 RC0DB Online ok or\n",
      "RC_FOR_FAI LED_MASTER_db_online= 0First ite ration  \n",
      "2nd iteration runtime\n",
      "-RC01\n",
      "3\n",
      "run -\n",
      "RC_FOR_FAI LED_MASTER_db_online= 1run\n",
      "24Pictur e shows processing with LC10.start flag  \n",
      "for database service activation.\n",
      "db OFFLINEdb ONLIN E5\n",
      "6\n",
      "RC1db ONLIN EStartupMonitor:\n",
      "cl_lc_startupmonitorMASTER\n",
      "Startscr ipt:\n",
      "cl_lc_startMASTERRuntimeMonitor:\n",
      "cl_lc_monitorMASTER\n",
      "Figure 7.7.8.1: Overview of the monitor state logic\n",
      "1) When the cluster starts moving the master resource group as a result of a cluster \n",
      "startup or a failover, the lock should be empty or at least is should never contain the state startup. PowerHA uses the startup monitor to check if the application is already running or if cl_lc_start MASTER SID should be called. The start script will only be executed by PowerHA if the start up monitor indicates the application is not currently active (by returning a RC=1). As we want the application start script to be triggered, we always return RC=1. T o indicate the start script has been called once the lock state is set to MONITOR.startup.\n",
      "2) In the case that the start script exits the dbmcli db_online command with OK, indica -\n",
      "ting the SAP liveCache instance has been set online, it sets MONITOR.run which can coexist with the MONITOR.runtime later indicated by the transitory status of MO -\n",
      "NITOR.run* in the state diagram in figure 7.7.7.1. This informs the runtime monitor later on that the startup phase is completed. The runtime monitor is now enabled to react to a database status outside the expected ONLINE status with a failover. \n",
      " This lock MONITOR.run ensures that no race condition occurs between the startup script and the application runtime monitor. In case the start script fails to bring the database online, there are two possible reaction paths. The reaction is determined by  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 94the setting of the parameter variable RC_FOR_FAILED_MASTER_db_online in the \n",
      "configuration file. Either the liveCache service will be stopped with error, or (default) the initial startup will be handled by the runtime monitor. \n",
      "3) PowerHA waits a configured amount of time before invoking the startup monitor in the next iteration. PowerHA will do this until the startup monitor returns RC=0 (indi -\n",
      "cating success). Since we want to call it only twice, we always return “0” on the second iteration. as MONITOR.startup status and update the lock information to MONI -\n",
      "TOR.runtime. PowerHA ensures that this step happens before the runtime monitor is called. \n",
      "4) From this point on, PowerHA will use the runtime monitor and will not call the star -\n",
      "tup monitor.\n",
      "5) The runtime monitor will see the lock and will give the application time to start up. This solves timing issues which could result in false failovers. Of course a failed startup must be handled. This is covered in cl_lc_start MASTER <SID> start script logic if RC_FOR_FAILED_MASTER_db_online = 1 or by the runtime monitor with some delay if RC_FOR_FAILED_MASTER_db_online = 0. The SAP command line inter -\n",
      "face used to request the database to come online ( dbmcli db_online) will only return RC=0 if the database has come up with a running database in ONLINE state. \n",
      "6) As soon the database is online the lock is removed and normal monitoring starts until the next monitoring event (indicated by a RC=1) triggers a failover of the resource group.\n",
      "Note: The transition between the lock states run, runtime, run* before they are removed is a timing question between monitor frequency of the startup monitor and finishing the startscript. Several state combinations can lead to a successful transition to normal monitoring. Important is that the startup sequence is coordinated and results in an online database.\n",
      "Note: the startup monitor must only be used for master instances.\n",
      "7.7.9 SSH authorization from Hot Standby to SAN Volume Controller\n",
      "The series of steps described here are not extremely intuitive so they must be followed as docu -\n",
      "mented. The end result is that the AIX user, sdb will be able to access the SAN Volume Control-\n",
      "ler server with the user admin and carry out the necessary commands to drive the LC to storage integration.\n",
      "Setting up the keys on AIX\n",
      "The user on AIX Hot Standby side is sdb. The keys are generated from this user.\n",
      "From root, change to the sdb user using the following command.\n",
      "su - sdb Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 95Now generate the SSH keys using the following command.\n",
      " ssh-keygen -t rsa \n",
      "There should now be a directory under /home/sdb names .ssh\n",
      "# ls /home/sdb\n",
      ".profile          .sh_history       key.bk            smit.script.sdb              .ssh\n",
      "Ensure that the owner is sdb.sdba for both this directory and all files in it\n",
      "cd .ssh# ls -ltotal 24-rw-------    1 sdb      sdba           1675 Nov  3 19:02 id_rsa-rw-------    1 sdb      sdba            392 Nov  3 19:02 id_rsa.pub-rw-r--r--    1 sdb      sdba            442 Nov 15 19:53 known_hosts\n",
      "This directory will need to be copied to all the LC servers participating in SAN Volume Cont-\n",
      "roller communication.After copying, ensure that the authorizations are granted for sdb.sdba on all Hot Standby servers.\n",
      "From the laptop, upload the public key in binary format through FTP or by other possible me -\n",
      "ans. The key will have the following name:\n",
      " is_rsa.pub \n",
      "This key will now need to be loaded in the SAN Volume Controller.Setting up the SAN Volume Controller with the public key accessLogin to the SAN Volume Controller through the browser and create a user with the following \n",
      "characteristics: No password, local authentication, and SSH.\n",
      "Figure  7.7.9.1: SVC user administration Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 96Browse for the SSH public key file and add the public key loaded up from the AIX server.\n",
      "Figure  7.7.9.2: SVC  user group administration\n",
      "T esting the access from AIX to SAN Volume Controller\n",
      "Regardless of the user you specified, you must login using the ID as admin from the liveCache server.From user sdb, enter ssh admin@<IP address of SAN Volume Controller server>\n",
      "$ ssh admin@svc_isicc\n",
      "IBM_2145:svc_isicc:admin> Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 978 Summary and Conclusions  \n",
      "The results of the tests on this end-to-end high-availability infrastructure for SAP APO have \n",
      "demonstrated a robust, reliable, and very responsive solution infrastructure for mission critical implementations. The behavior and recoverability of the ATP check design far exceeded our hopes and expectations. That an open order using ATP checking per line item could continue as though nothing had happened even though it spanned the failure and recovery of major SAP APO components surprised and delighted almost everyone. The benefits this offers to both on -\n",
      "line order entry, and complex integrated solutions is nearly continuous availability, with no appli-cation level recovery requirements beyond the reactivation of asynchronous CIF queues (which are outside of the transactional critical path). The confirmation of data consistency following the cancellation of a high volume demand plan -\n",
      "ning run due to component failure proves that the system automatically recovered to such a state that the batch planning jobs and simply be restarted. The batch restart can be initiated within minutes of the failure, which helps to ensure the overnight production planning runs within a tight window of time. The jobs will restart from the beginning, but operations can bypass much of the prerequisite recovery overhead which can represent a major delay.\n",
      "The selection of components to support the high-availability and cluster solutions have proven a \n",
      "very viable reference architecture stack, which can take full advantage as well of all the strengths of the Power systems virtualization and flexibility. The PowerVM functionality provides a very strong high-availability infrastructure with an eye on TCO.\n",
      "Based on new functionalities in Power7, additional tests were performed in regards to large SCM \n",
      "systems which are published in a related document. These include the benefits of Active Memory Expansion for large application memory footprints such as the database and liveCache. These tests also demonstrate the option of using Live Partition Mobility to extend the continuous avai -\n",
      "lability of the SCM system. LPM allows a running LPAR to be relocated across machine bound-aries and thereby enabling physical server maintenance without application down time. This is beneficial for SCM even if there is a sufficient downtime window, as this method would   not require the (sometimes very large) memory resident data cache to be rebuilt and refilled as would be the case with an actual stop and restart of the APO application. \n",
      "The SAP Supply Chain Management Advance Planning and Optimization application has an \n",
      "optimal infrastructure on Power. PowerVM provides resource sharing between the compo-nents (database, liveCache, application servers) according to the load requirements and is able to realign with a change in load distribution. Considering the various scenarios running in the planning cycle of APO, including demand planning, supply and network planning, production planning and detailed scheduling, and service parts planning (Spare Parts Management), there are a number of load distribution profiles which can run in a single system and in a single plan -\n",
      "ning cycle. PowerVM provides excellent load consolidation and automatic (nearly instantaneous) resource realignment according to load requirements.\n",
      "With this reference architecture, the SAP SCM APO achieves “end to end” high availability on \n",
      "top of all the virtualization benefits provided by PowerVM. It takes advantage of the clustering  Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 98benefits of Tivoli SA MP for both SAP central services recovery, and extremely fast database \n",
      "recovery using the DB2 HADR.And finally, SAP SCM APO is given a boost of functionality with the extended high availability option of PowerHA SAP liveCache Hot Standby, completing the HA coverage for all compo-nents. This solution provides the integration of SAP liveCache with IBM storage functionality in support of a Hot Standby liveCache in synchronization with the primary server both on disk and in memory. The solution also takes advantage of state-of-the-art storage virtualization. The flexibility of the SAN Volume Controller for storage virtualization allows running applications to be moved between storage servers “on the fly”. This allows storage systems to be extended or replaced without application down-time. In addition, the mirroring functionality of the SVC can be used to ensure uninterrupted production in SCM even if a complete storage server should fail.\n",
      "This proof of concept presents a fully tested end-to-end infrastructure which is proven to be an \n",
      "extremely solid basis for mission critical supply chain management.\n",
      "9 Appendix\n",
      "9.1\t Related\tdocuments\tand\tsources\tof\tfurther\tinformation\n",
      "An IBM RedBook is available online with details on the functionality of PowerHA 7.1.http://www.redbooks.ibm.com/abstracts/sg247845.html?Open\n",
      "SAP liveCache Hot Standby command set can be found at the website below: \n",
      "http://maxdb.sap.com/doc/7_7/45/0f77bbe82f29efe10000000a114a6b/frameset.htm\n",
      "Further information on the SAP liveCache command line and DBMGUI tool.\n",
      "Command Line (dbmcli):\n",
      "http://help.sap.com/saphelp_nwpi711/helpdata/en/a3/b2462a9ef05c41922b8092257a2e2c/frameset.htm\n",
      "  DBMGUI: \n",
      "http://help.sap.com/saphelp_nwpi711/helpdata/en/a3/b2462a9ef05c41922b8092257a2e2c/frameset.htm\n",
      "(use version 7.6 and higher) Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 999.2\t \tSAP\tliveCache\tversions\n",
      "The proof of concept was executed using two different version of SAP liveCache:\n",
      "• 7.7.07.17\n",
      "• 7.7.07.26\n",
      "Upgrade to SP16 (7.7.07.26) was done due to a known problem in failover recovery in versions \n",
      "prior to support pack 16 that which did occur in the testing. \n",
      "9.3\t \tAIX,\tPowerHA,\tand\tJava\tversions\t\n",
      "The proof of concept started with PowerHA version 6.1 and then migrated to version 7.1.The version that will provide the official support for SAP liveCache with HotStandby will be closer to 7.1 and the logic implemented for 7.1 will be carried forward into the product.\n",
      "1) bos packets (6100-04-03-cluster)\n",
      "Smitty nim p install software  lppsource_61TL04SP02\n",
      " bos.adt.syscalls  5.3.7.0   # Base Level Fileset\n",
      " bos.adt.libm   6.1.2.0   # Base Level Fileset\n",
      " bos.adt.syscalls  6.1.2.0   # Base Level Fileset\n",
      " bos.data   5.3.0.0   # Base Level Fileset\n",
      " bos.net.nfs.server  5.3.7.0   # Base Level Fileset\n",
      " bos.clvm  p for concurrent access to logical volumes \n",
      " bos.rte.lvm  p for concurrent access to logical volumes\n",
      "2) PowerHA 6.1 + all available APARs for high availability\n",
      " AIX 6.1 TL05 SP03\n",
      " cluster.doc.en_US.es.html 6.1.0.0  HAES Web-based HTML\n",
      " cluster.doc.en_US.es.pdf 6.1.0.0  HAES PDF Documentation – United States\n",
      " cluster.es.cfs.rte  6.1.0.0  ES Cluster File System Support\n",
      " cluster.es.client.clcomd 6.1.0.2  ES Cluster Communication\n",
      " cluster.es.client.lib  6.1.0.1  ES Client Libraries\n",
      " cluster.es.client.rte  6.1.0.2  ES Client Runtime\n",
      " cluster.es.client.utils  6.1.0.1  ES Client Utilities\n",
      " cluster.es.csPoC.cmds 6.1.0.2  ES CSPOC Commands\n",
      " cluster.es.csPoC.dsh  6.1.0.0  ES CSPOC dsh\n",
      " cluster.es.csPoC.rte  6.1.0.2  ES CSPOC Runtime Commands\n",
      " cluster.es.nfs.rte  6.1.0.1  ES NFS Support\n",
      " cluster.es.plugins.dhcp 6.1.0.0  ES Plugins – dhcp\n",
      " cluster.es.plugins.dns  6.1.0.0  ES Plugins – Name Server\n",
      " cluster.es.server.cfgast 6.1.0.0  ES T wo-Node Configuration\n",
      " cluster.es.server.diag  6.1.0.2  ES Server Diags\n",
      " cluster.es.server.events 6.1.0.2  ES Server Events\n",
      " cluster.es.server.rte  6.1.0.2  ES Base Server Runtime\n",
      " cluster.es.server.utils  6.1.0.2  ES Server Utilities\n",
      " cluster.es.worksheets  6.1.0.0  Online Planning Worksheets\n",
      " cluster.license   6.1.0.0  HACMP Electronic License\n",
      " cluster.es.client.clcomd 6.1.0.2  ES Cluster Communication\n",
      " cluster.es.client.lib  6.1.0.1  ES Client Libraries\n",
      " cluster.es.client.rte  6.1.0.2  ES Client Runtime Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 100 cluster.es.PoC.rte  6.1.0.0  ES CSPOC Runtime Commands\n",
      " cluster.es.nfs.rte  6.1.0.1  ES NFS Support\n",
      " cluster.es.server.diag  6.1.0.0  ES Server Diags\n",
      " cluster.es.server.events 6.1.0.0  ES Server Events\n",
      " cluster.es.server.rte  6.1.0.2  ES Base Server Runtime\n",
      " cluster.es.server.utils  6.1.0.2  ES Server Utilities\n",
      " cluster.man.en_US.es.data 6.1.0.0  ES Man Pages – U.S. English\n",
      "3) PowerHA 7.1 – Used for SAP liveCache HotStandby\n",
      "AIX Level Used: 6100-06-03-1048\n",
      "cluster.doc.en_US.es.html 7.1.0.0  PowerHA SystemMirror Web-based\n",
      "cluster.doc.en_US.es.pdf 7.1.0.0  PowerHA SystemMirror PDF\n",
      "cluster.es.assist.common 7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.db2  7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.dhcp  7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.dns  7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.domino 7.1.0.0  PowerHA SystemMirror\n",
      "cluster.es.assist.filenet 7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.ihs  7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.MaxDB 7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.oracle 7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.sap  7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.assist.tds  7.1.0.0  PowerHA SystemMirror Smart\n",
      "cluster.es.cfs.rte  7.1.0.0  Cluster File System Support\n",
      "cluster.es.client.clcomd 7.1.0.0  Cluster Communication\n",
      "cluster.es.client.lib  7.1.0.0  PowerHA SystemMirror Client\n",
      "cluster.es.client.rte  7.1.0.0  PowerHA SystemMirror Client\n",
      "bos.cluster.solid  6.1.6.3  POWER HA Business Resiliency\n",
      "cluster.es.server.utils  7.1.0.0  Server Utilities\n",
      "cluster.es.worksheets  7.1.0.0  Online Planning Worksheets\n",
      "cluster.license   7.1.0.0  PowerHA SystemMirror\n",
      "bos.cluster.rte   6.1.6.3  Cluster Aware AIX\n",
      "bos.cluster.solid  6.1.6.0  POWER HA Business Resiliency\n",
      "cluster.es.client.wsm  7.1.0.0  Web-based Smit\n",
      "cluster.es.cspoc.rte  7.1.0.0  CSPOC Runtime Commands\n",
      "cluster.es.migcheck  7.1.0.0  PowerHA SystemMirror Migration\n",
      "cluster.es.nfs.rte  7.1.0.0  NFS Support\n",
      "cluster.es.server.diag  7.1.0.0  Server Diags\n",
      "cluster.es.server.events 7.1.0.0  Server Events\n",
      "cluster.es.server.rte  7.1.0.0  Base Server Runtime\n",
      "cluster.es.server.utils  7.1.0.0  Server Utilities\n",
      "cluster.man.en_US.es.data 7.1.0.0  Man Pages – U.S. English\n",
      "5) Java\n",
      "Install the required Java version. We used Java 1.4.2 SR13 for this scenario Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 1019.4\t Tivoli\tSA\tMP\tand\tDB2\tHADR\tversions\n",
      " IBM DB2:    V9.7 FP 2 \n",
      " SAP:\n",
      " SAP patch level for SAP\n",
      " (disp+work/and DBSL):  94\n",
      " kernel release    701\n",
      " compiled for    64 BIT\n",
      " compilation mode   UNICODE\n",
      "Tivoli System Automation for Multiplatforms: 3.2.1\n",
      "9.5\t \tPower\tSystems,\tAIX,\tand\tstorage\tversions\n",
      "Firmware version: IBM,AL720_066\n",
      "AIX: Both, 6100-05-03-1036 and AIX 6.1 TL05 SP03 testedSAN Volume Controller Level 6.1.0.5 Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 10210 Copyrights and Trademarks\n",
      "© IBM Corporation 1994-2005. All rights reserved. References in this document to IBM  \n",
      "products or services do not imply that IBM intends to make them available in every country.\n",
      "The following terms are trademarks of International Business Machines Corporation in the  \n",
      "United States and/or other countries: Advanced Micro-Partitioning,\n",
      "AIX/L(logo), AIX 5L, DB2 Universal Database, eServer, i5/OS, IBM Virtualization Engine, Micro-Partitioning, iSeries, POWER, POWER4, POWER4+, POWER5,POWER5+, POWER6. POWER7\n",
      "A full list of U.S. trademarks owned by IBM may be found at:\n",
      "http://www.ibm.com/legal/copytrade.shtml\n",
      "UNIX is a registered trademark of The Open Group in the United States and other countries.\n",
      "Linux is a trademark of Linus T orvalds in the United States, other countries, or both.\n",
      "SAP , the SAP logo, SAP NetWeaver, and ABAP are trademark(s) or registered trademark(s) of \n",
      "SAP AG in Germany and in several other countries.\n",
      "More information about SAP trademarks can be found at:\n",
      "http://www.sap.com/company/legal/copyright/trademark.asp\n",
      "Oracle is a registered trademark of Oracle Corporation and/or its affiliates.Other company, product or service names may be trademarks or service marks of others.Information is provided “AS IS” without warranty of any kind.Information concerning non-IBM products was obtained from a supplier of these products, \n",
      "published announcement material, or other publicly available sources and does not constitute an endorsement of such products by IBM. Sources for non-IBM list prices and performance num -\n",
      "bers are taken from publicly available information, including vendor announcements and vendor worldwide homepages. IBM has not tested these products and cannot confirm the accuracy of performance, capability, or any other claims related to non-IBM products. Questions on the capability of non-IBM products should be addressed to the supplier of those products. Solution CaSe Study\n",
      "invincible Supply Chain Version 1.2 10311 Disclaimer and Special Notices\n",
      "This information could include technical inaccuracies or typographical errors. Changes are \n",
      "periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.\n",
      "Any references in this information to non-IBM Web sites are provided for convenience only and \n",
      "do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk.\n",
      "Any performance data contained herein was determined in a controlled environment. There-\n",
      "fore, the results obtained in other operating environments may vary significantly. Some measure-ments may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurement may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment.\n",
      "Information concerning non-IBM products was obtained from the suppliers of those products, \n",
      "their published announcements or other publicly available sources. IBM has not tested those pro -\n",
      "ducts and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.\n",
      "This information contains examples of data and reports used in daily business operations. T o \n",
      "illustrate them as completely as possible, the examples include the names of individuals, compa -\n",
      "nies, brands, and products.\n",
      "All of these names are fictitious and any similarity to the names and addresses used by an actual \n",
      "business enterprise is entirely coincidental.\n",
      "COPYRIGHT LICENSE:\n",
      "This information contains sample application programs in source language, which illustrate pro -\n",
      "gramming techniques on various operating platforms. You may copy, modify, and distribute these sample programs in any form without payment to IBM, for the purposes of developing, using, marketing or distributing application programs conforming to the application programming interface for the operating platform for which the sample programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of these programs\n",
      "ANY INFORMATION HEREIN IS PROVIDED “AS IS” WITHOUT WARRANTY OR \n",
      "INDEMNIFICATION OF ANY KIND BY IBM AND DO NOT ANY EXPRESS OR IMPLIED, WARRANTIES OR CONDITIONS OF MERCHANTABILITY, FITNESS OR USAGE FOR PARTICULAR PURPOSE AND ANY WARRANTY OR CONDI-TION OF NON-INFRINGEMENT. ISICC PRESS CTB-2011-1.2\n",
      "IBM SAP International Competence Center, Walldorf \n",
      "\n"
     ]
    }
   ],
   "source": [
    "## final required answers \n",
    "# iterate the nested dictionaries inside the [\"hits\"][\"hits\"] list\n",
    "for num, doc in enumerate(all_hits):\n",
    "    print (\"DOC URL:\", doc[\"_source\"][\"url\"], \"--->\", \"\\n\")\n",
    "    print (\"DOC Source:\", doc[\"_source\"][\"published_source\"], \"\\n\")\n",
    "    print (\"DOC content:\", doc[\"_source\"][\"content\"], \"\\n\")\n",
    "    break"
   ]
  },
  {
   "cell_type": "markdown",
   "id": "08f2acac",
   "metadata": {},
   "source": [
    "<span style=\"color:blueviolet\">Step 7. By using below method removing unwanted chars from documnet</span>"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 31,
   "id": "05b46c19",
   "metadata": {},
   "outputs": [],
   "source": [
    "def skip_unwanted_characters(document, keyword):\n",
    "        lines = document.split('\\n')\n",
    "        desired_text = \"\"\n",
    "        last_occurrence = -1\n",
    "        for i, line in enumerate(lines):\n",
    "            if keyword in line:\n",
    "                last_occurrence = i\n",
    "                \n",
    "        if last_occurrence != -1:\n",
    "            for line in lines[last_occurrence+1:]:\n",
    "                desired_text += line.strip() + \"\\n\"\n",
    "        else:\n",
    "            desired_text = document\n",
    "    \n",
    "        return desired_text.strip()"
   ]
  },
  {
   "cell_type": "markdown",
   "id": "80160520",
   "metadata": {},
   "source": [
    "<span style=\"color:blueviolet\">Step 8. By using below method we can remove some extra html tags from documnet</span>"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 36,
   "id": "b8ab8f38",
   "metadata": {},
   "outputs": [],
   "source": [
    "def pre_processingtext(text_data):\n",
    "        replaced = re.sub(\"\\{{ .*?\\}}\", \"\", text_data)\n",
    "        replaced = re.sub(\"\\{: .*?\\}\", \"\", text_data)\n",
    "        replaced = re.sub(\"\\(.*?\\)|\\[.*?\\] |\\{.*?\\}\", \"\", replaced)\n",
    "        replaced = re.sub(\"</?div[^>]*>\", \"\", replaced)\n",
    "        replaced = re.sub(\"</?p[^>]*>\", \"\", replaced)\n",
    "        replaced = re.sub(\"</?a[^>]*>\", \"\", replaced)\n",
    "        replaced = re.sub(\"</?h*[^>]*>\", \"\", replaced)\n",
    "        replaced = re.sub(\"</?em*[^>]*>\", \"\", replaced)\n",
    "        replaced = re.sub(\"</?img*[^>]*>\", \"\", replaced)\n",
    "        replaced = re.sub(\"&amp;\", \"\", replaced)\n",
    "        replaced = re.sub(\"</?href*>\", \"\", replaced)\n",
    "        replaced = replaced.replace(\"}\",\"\")\n",
    "        replaced = replaced.replace(\"##\",\"\")\n",
    "        replaced = replaced.replace(\"###\",\"\")\n",
    "        replaced = replaced.replace(\"#\",\"\")\n",
    "        replaced = replaced.replace(\"*\",\"\")\n",
    "        replaced = replaced.replace(\"<strong>\",\"\")\n",
    "        replaced = replaced.replace(\"</strong>\",\"\")\n",
    "        replaced = replaced.replace(\"<ul>\",\"\")\n",
    "        replaced = replaced.replace(\"</ul>\",\"\")\n",
    "        replaced = replaced.replace(\"<li>\",\"\")\n",
    "        replaced = replaced.replace(\"</li>\",\"\")\n",
    "        replaced = replaced.replace(\"<ol>\",\"\")\n",
    "        replaced = replaced.replace(\"</ol>\",\"\")\n",
    "        return replaced"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 55,
   "id": "29e1825b",
   "metadata": {},
   "outputs": [],
   "source": [
    "import pandas as pd"
   ]
  },
  {
   "cell_type": "markdown",
   "id": "a6e5cdc5",
   "metadata": {},
   "source": [
    "<span style=\"color:blueviolet\">Step 9. By using below method we can get results from Elastic Search basis of question.</span>"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 8,
   "id": "7a9624b9",
   "metadata": {},
   "outputs": [],
   "source": [
    "def elastic_retervier(question):\n",
    "    results_list=[]\n",
    "    # Create an instance of Elasticsearch with TLS options\n",
    "    es_client = Elasticsearch(\n",
    "        ES_URL,\n",
    "        ca_certs=ca_certs_path\n",
    "     )\n",
    "    info = es_client.info()\n",
    "    print(info)\n",
    "    index_name = 'superknowa'\n",
    "    search_query5 ={\n",
    "      \"query\": {\n",
    "        \"bool\": {\n",
    "          \"must\": [\n",
    "        { \"match\": { \"content\": \"'+question+'\" }}\n",
    "      ],\n",
    "          \"must_not\": [\n",
    "        { \"match\": { \"published_source\": \"Redbooks\" }}\n",
    "      ]\n",
    "        }\n",
    "      }\n",
    "    }\n",
    "    ## Top 10 documents \n",
    "    response = es_client.search(\n",
    "    index=index_name,\n",
    "    body=search_query5,\n",
    "    scroll='5m',  # Set the scroll timeout (e.g., 5 minutes)\n",
    "    size=10  # Set the number of documents to retrieve per scroll\n",
    "    )\n",
    "    all_hits = response['hits']['hits']\n",
    "    i =0\n",
    "    print(len(all_hits))\n",
    "    for num, doc in enumerate(all_hits):\n",
    "        doc_id = doc[\"_source\"][\"id\"]\n",
    "        doc_url = doc[\"_source\"][\"url\"].replace(\" \",\"\")\n",
    "        doc_source = doc[\"_source\"][\"published_source\"]\n",
    "        print (\"DOC URL:\", doc[\"_source\"][\"url\"], \"--->\", \"\\n\")\n",
    "        print (\"DOC id:\", doc[\"_source\"][\"id\"], \"--->\", \"\\n\")\n",
    "        print (\"DOC Source:\", doc[\"_source\"][\"published_source\"], \"\\n\")\n",
    "        #print (\"DOC content:\", doc[\"_source\"][\"content\"], \"\\n\")\n",
    "        string_unicode = doc[\"_source\"][\"content\"]\n",
    "        doc = string_unicode.encode(\"ascii\", \"ignore\")\n",
    "        string_decode = doc.decode()\n",
    "        keyword = \"{: shortdesc} \"\n",
    "        cleaned_text = skip_unwanted_characters(string_decode,keyword)\n",
    "        pattern =  r'\\{\\s*:\\s*[\\w#-]+\\s*\\}|\\{\\s*:\\s*\\w+\\s*\\}|\\n\\s*\\n'\n",
    "        cleaned_text = re.sub(pattern, '', cleaned_text)\n",
    "        cleaned_text = pre_processingtext(cleaned_text)\n",
    "        query_hits = {\n",
    "                    \"document\": {\n",
    "                        \"rank\": i,\n",
    "                        \"document_id\": doc_id,\n",
    "                        \"text\": cleaned_text[0:4000], \n",
    "                        \"url\" : doc_url,\n",
    "                        \"source\":doc_source\n",
    "                    },\n",
    "                }\n",
    "\n",
    "        results_list.append(query_hits)\n",
    "        results_to_display = [results_list['document'] for results_list in results_list]\n",
    "        df = pd.DataFrame.from_records(results_to_display, columns=['rank','document_id','text','url','source'])\n",
    "        # df['title'] = np.random.randint(1, 10, df.shape[0])\n",
    "        df.dropna(inplace=True)\n",
    "        i = i+1\n",
    "    return results_list\n",
    "\n",
    "    "
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 57,
   "id": "d698f2f0",
   "metadata": {},
   "outputs": [],
   "source": [
    "question=\"A 2-node IBM Sterling B2B Integrator (SBI) clustered solution is being designed. The customer will initiate connections with external partners using HTTP, FTP and SFTP protocols. For load balancing and fail over purposes 2 client adapters for each protocol are configured on each node and Service Groups are being used. How many Service Groups\""
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 58,
   "id": "088c62f7",
   "metadata": {},
   "outputs": [
    {
     "name": "stdout",
     "output_type": "stream",
     "text": [
      "{'name': 'm-1.3d862675-f715-499c-b9e4-ffba4d8321a0.d5c42fad68fd498ba08f6af6107b71cd.2adb0220806343e3ae11df79c89b377f.databases.appdomain.cloud', 'cluster_name': '3d862675-f715-499c-b9e4-ffba4d8321a0', 'cluster_uuid': 'UsM9ak-LRYajVAwt5yeQxw', 'version': {'number': '7.10.2', 'build_flavor': 'oss', 'build_type': 'tar', 'build_hash': '747e1cc71def077253878a59143c1f785afa92b9', 'build_date': '2021-01-13T00:42:12.435326Z', 'build_snapshot': False, 'lucene_version': '8.7.0', 'minimum_wire_compatibility_version': '6.8.0', 'minimum_index_compatibility_version': '6.0.0-beta1'}, 'tagline': 'You Know, for Search'}\n",
      "10\n",
      "DOC URL: \"https://github.com/ibm-cloud-docs/understand-questions.md\" ---> \n",
      "\n",
      "DOC URL: watson-assistant_understand-questions ---> \n",
      "\n",
      "DOC Source: IBM Developer docs \n",
      "\n",
      "DOC URL: \"https://github.com/ibm-cloud-docs/change-topic.md\" ---> \n",
      "\n",
      "DOC URL: watson-assistant_change-topic ---> \n",
      "\n",
      "DOC Source: IBM Developer docs \n",
      "\n",
      "DOC URL: https://medium.com/ibm-watson/three-ways-to-improve-your-conversational-ai-a33db7fc0d5?source=collection_archive---------0----------------------- ---> \n",
      "\n",
      "DOC URL: Three ways to improve your conversational AI ---> \n",
      "\n",
      "DOC Source: Medium \n",
      "\n",
      "DOC URL: https://medium.com/ibm-watson/three-ways-to-improve-your-conversational-ai-a33db7fc0d5?source=collection_archive---------0----------------------- ---> \n",
      "\n",
      "DOC URL: Three ways to improve your conversational AI ---> \n",
      "\n",
      "DOC Source: Medium \n",
      "\n",
      "DOC URL: https://medium.com/ibm-watson/three-ways-to-improve-your-conversational-ai-a33db7fc0d5?source=collection_archive---------0----------------------- ---> \n",
      "\n",
      "DOC URL: Three ways to improve your conversational AI ---> \n",
      "\n",
      "DOC Source: Medium \n",
      "\n",
      "DOC URL: https://medium.com/ibm-watson/three-ways-to-improve-your-conversational-ai-a33db7fc0d5?source=collection_archive---------0----------------------- ---> \n",
      "\n",
      "DOC URL: Three ways to improve your conversational AI ---> \n",
      "\n",
      "DOC Source: Medium \n",
      "\n",
      "DOC URL: https://developer.ibm.com/blogs/ /tutorials/create-your-first-assistant-powered-chatbot\n",
      " ---> \n",
      "\n",
      "DOC URL:  Create a retail customer service chatbot\n",
      " ---> \n",
      "\n",
      "DOC Source: IBM Developer \n",
      "\n",
      "DOC URL: https://developer.ibm.com/blogs/ /articles/develop-an-ai-infused-automation-tool-to-convert-business-faqs-to-watson-assistant-ready-chatbot-input\n",
      " ---> \n",
      "\n",
      "DOC URL:  Archived | Develop an AI-infused automation tool to convert business FAQs to Watson Assistant-ready chatbot input\n",
      " ---> \n",
      "\n",
      "DOC Source: IBM Developer \n",
      "\n",
      "DOC URL: https://medium.com/ibm-data-ai/finding-concise-answers-to-questions-in-enterprise-documents-53a865898dbd?source=collection_archive---------2----------------------- ---> \n",
      "\n",
      "DOC URL: Finding concise answers to questions in enterprise documents ---> \n",
      "\n",
      "DOC Source: Medium \n",
      "\n",
      "DOC URL: https://medium.com/ibm-data-ai/finding-concise-answers-to-questions-in-enterprise-documents-53a865898dbd?source=collection_archive---------2----------------------- ---> \n",
      "\n",
      "DOC URL: Finding concise answers to questions in enterprise documents ---> \n",
      "\n",
      "DOC Source: Medium \n",
      "\n"
     ]
    }
   ],
   "source": [
    "results_list =elastic_retervier(question)"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 61,
   "id": "a3c77814",
   "metadata": {},
   "outputs": [
    {
     "name": "stdout",
     "output_type": "stream",
     "text": [
      "[{'document': {'rank': 0, 'document_id': 'watson-assistant_understand-questions', 'text': \"\\nUnderstanding your users' questions or requestsActions represent the tasks or questions that your assistant can help customers with. Each action has a beginning and an end, making up a conversation between the assistant and a customer. Learn how to begin an action, where it understands and recognizes a goal based on the words a customer uses to ask a question or make a request.\\nBeginning an actionEach assistant can include as many actions as you need to have conversations with your users. You design each individual action to recognize a specific question or request, and when it does, the action starts.\\nWhen you create a new action, your first task is to enter one phrase that a customer types or says to start the conversation about a specific topic. This phrase determines the problem that your customer has or the question your user asks.\\nTo get going, you need to enter only one phrase, for example: What are your store hours?.\\nAfter you enter the phrase, it is stored in Customer starts with, at the start of the action.Testing your phraseBefore even doing anything else with your action, you can already start checking that your assistant recognizes the starting phrase.Click the Preview button.\\nEnter your first phrase, for example: What are your store hours?.If you see There are no additional steps for this action, that means the action recognizes the phrase. If the assistant doesn't understand the phrase, you'll see the built-in action No action matches. For more information, see When the assistant can't understand your customer's request.Adding more examplesWhen you're creating a new action, one example phrase is enough to start with. You can build the rest of your action with steps before adding more example phrases. Then, return to Customer starts with and add 10 or more variations of the same question or request, using words that your customers commonly use. For example:Are you open on the weekend?\\nHow late are you open today?\\nGet store hours\\nWhat time do you open?\\nAre you open now?Each phrase can be up to 1,024 characters in length.\\nBy adding these phrases, your assistant learns what is the right action for what a customer wants. The additional examples build the training data that the machine learning engine of Watson Assistant uses to create a natural language processing model. The model is customized to understand your uniquely defined actions.\\nIf you have many example phrases, you can upload them from a comma-separated value  file than to define them one by one. If you are migrating intent information from the classic  experience to example phrases in the new  experience, see Migrating intents and entities.Collect the phrases into a CSV file. Save the CSV file with UTF-8 encoding and no byte order mark .If you are creating a new CSV file to upload phrases, the format for each line in the file is as follows:\\n    &lt;phrase&gt;\\n    Where &lt;phrase&gt; is the text of a user example phrase. If youre using a spreadsheet to create a CSV file, put all your phrases into column 1, as shown in the following example:If you downloaded intents from the classic experience, the format for each line in the file is as follows:\\n    &lt;phrase&gt;,&lt;intent&gt;\\n    Where &lt;phrase&gt; is the text of a user example phrase, and &lt;intent&gt; is the name of the intent. For example:\\n    Tell me the current weather conditions.,weather_conditions\\n    Is it raining?,weather_conditions\\n    What's the temperature?,weather_conditions\\nOnly one intent can be uploaded per action, so the &lt;intent&gt; information listed in the second column of the CSV file must be the same.Go to Customer starts with at the start of the action.Click the Upload icon .Select a file from your computer.\\nThe file is validated and uploaded, and the system trains itself on the new data.\\nYou can download your example phrases to a CSV file, so you can then upload and reuse them in another  application.Go to Customer starts with at the start of the action.Click the Download i\", 'url': '\"https://github.com/ibm-cloud-docs/understand-questions.md\"', 'source': 'IBM Developer docs'}}, {'document': {'rank': 1, 'document_id': 'watson-assistant_change-topic', 'text': \"\\nAllowing your customers to change the topic of the conversationIn general, an action is designed to lead a customer through a particular process without any interruptions. However, real conversations almost never follow such a simple flow. In the middle of a conversation, customers might get distracted, ask questions about related issues, misunderstand something, or change their minds about what they want to do.The Change conversation topic feature enables your assistant to handle these digressions, dynamically responding to the user by changing the conversation topic as needed.\\nHow changing the topic worksThis example shows a customer who changes the conversation topic while they are entering a credit card. When the assistant asks What is your CVV number?, the customer  asks what a CVV is. The assistant is designed to handle this possibility, so it switches to a different action that answers the customer's question. It then continues where it left off.The assistant determines when to change the conversation topic as follows:When the assistant asks a question and receives a response, it first validates the response to see whether it answers the question. In the CVV example, the assistant expects a number as a response.If the input is not recognized as an answer to the question, the assistant then evaluates the input to see whether it matches another action. \\nIf the input does not answer the question, and it does not match any existing action of the assistant, a step validation error results. For more information about validation errors and how they are handled, see Handling errors in the conversation.If the input matches a different action, the assistant switches to the matching action. The assistant changes to the new action if it has a confidence score match of 20% or higher. In the example, the customer's response  is not a valid response, but it does match another action that is designed to answer this question. The matching action is triggered, answering the customer's question.After the second action completes, the assistant asks the customer if they want to return to the original action. If they say Yes, the assistant continues with the step where the customer changed the topic. In the example, the assistant returns to the original action and repeats the question What is your CVV number?.Enabling and disabling changing the topicBy default, the Change conversation topic feature is enabled for all assistants and actions. \\nHowever, some processes are best completed without interruption, so you might want to disable this feature. You can disable for all actions, or just for an individual action.\\nTo disable changing the topic for all actions:From the Actions page of the assistant, click Global settings .On the Change conversation topic tab, set the switch to Off.Click Save, and then click Close.To disable changing the topic for an individual action:Edit an action, then click Action settings .In the Action Settings window, toggle the Change conversation topic switch to Off.Disabling returning to the original topicEven when you allow changing the topic, you might not want a customer to return to the previous topic. If you need to do this:Edit an action, then click Action settings .Keep the Change conversation topic toggle switched to On.Select the checkbox Never return to original action after completing this action to prevent the customer from returning to the previous action.Enabling changing the topic for free text and regex customer responsesBy default, changing the conversation topic works differently for free text and regex responses. Customers can't change topics when:The assistant is asking for a free text response \\nAn utterance matches the pattern in a regex responseIf you want a customer to be able to digress and change topics while entering a free text or regex answer:Within the step, click the Settings icon for the customer response.Enable the toggle Allow customer to change topics during a free text response or A\", 'url': '\"https://github.com/ibm-cloud-docs/change-topic.md\"', 'source': 'IBM Developer docs'}}, {'document': {'rank': 2, 'document_id': 'Three ways to improve your conversational AI', 'text': 'Three ways to improve your conversational AI Techniques to streamline your AIs dialogue, increaseits Andrew R. Freed \\n Follow \\n IBM Watson Assistant \\n -- \\n Listen \\n Share \\n Conversational AI is a great way to help your users get what they need, when they need it, the way they want to get it. Still, there are several common shortcomings in Conversational AI systems. \\n This post will walk you through three simple tricks to improve your conversational AI: \\n  Ask for less \\n  Give clear choices \\n  Copy editing \\n Conversational AI systems are designed to collect all information required to complete a task. This information can come from contextual information or asking the user a question. \\n Every question the AI asks the user is an opportunity for the conversation to fail. Wherever possible, ask fewer questions, or ask easier questions. \\n Lets consider a car insurance example. The user is calling to check on the status of a claim they just filed. Fundamentally we need to figure out which claim the caller wants to talk about and fetch the details for the claim. \\n A technology driven approach might start with the knowledge that a claim details API is needed. A developer might even say they have an API that retrieves claim details by claim ID. Great! All we need is for the user to enter their 11-digit claim ID and were set. The design works backwards from whats available technically. \\n While easy for the developer, this may be challenging for the user. They must enter an 11-digit ID accurately. In voice environments, it may be challenging to correctly capture all 11 digits even if the user knows them. \\n We can make it easier for the user to enter the claim ID. Rather than asking for all 11 digits, we can ask for fewer digits . The backend still needs a claim ID, but we can make the question easier for the user. There are less chances to make a mistake speaking or typing the few number of digits. \\n There are several variations on ask an easier question: \\n  Ask a different question: For a claim, that may be the claim date. For many use cases either an ID or a date is unique for a single user. \\n  Take a picture: Some mobile apps find and extract the necessary information from a photo. \\n The downside of ask an easier question is that you are still asking a question. For an automobile claim, you are expecting the caller to have the claim in front of them. This constraint may cause the user to fail at their task. Can we make it even easier? \\n Lets flip the conversation around. Instead of starting from the technical perspective, put the user front-and-center. Why is a user calling about an automobile claim? They were probably just in a car accident and following up on the claim they submitted. \\n A user may have multiple claims, but they are probably calling about the most recent one. \\n Figure 5 removes the burden from the user. Now they dont have to have the claim in front of them. We can provide information to the user, instead of demanding information up front, and still get the information needed for our backend data retrieval. Its much easier for the user to confirm information than to provide it. Plus, this makes the conversational AI seem much smarter, and the users confidence in the system will increase. \\n This pattern requires use of additional context so that information is not given to a nefarious third party. For instance, the claim search example is driven by knowing who the caller is . \\n Skipping a question by making a reasonable assumption is not always possible, but it is a powerful technique for making more effective conversational AI systems. \\n Next, lets look at a way to improve questions that you need to ask. \\n In the previous section we improved AI effectiveness by removing questions. Sometimes you cant remove a question and need to ask it. Some questions are explicitly choice questions  requiring the user to select from a fixed list. Imagine asking the user to select an apple or an orange. This feels simple, but how can ', 'url': 'https://medium.com/ibm-watson/three-ways-to-improve-your-conversational-ai-a33db7fc0d5?source=collection_archive---------0-----------------------', 'source': 'Medium'}}, {'document': {'rank': 3, 'document_id': 'Three ways to improve your conversational AI', 'text': 'Three ways to improve your conversational AI Techniques to streamline your AIs dialogue, increaseits Andrew R. Freed \\n Follow \\n IBM Watson Assistant \\n -- \\n Listen \\n Share \\n Conversational AI is a great way to help your users get what they need, when they need it, the way they want to get it. Still, there are several common shortcomings in Conversational AI systems. \\n This post will walk you through three simple tricks to improve your conversational AI: \\n  Ask for less \\n  Give clear choices \\n  Copy editing \\n Conversational AI systems are designed to collect all information required to complete a task. This information can come from contextual information or asking the user a question. \\n Every question the AI asks the user is an opportunity for the conversation to fail. Wherever possible, ask fewer questions, or ask easier questions. \\n Lets consider a car insurance example. The user is calling to check on the status of a claim they just filed. Fundamentally we need to figure out which claim the caller wants to talk about and fetch the details for the claim. \\n A technology driven approach might start with the knowledge that a claim details API is needed. A developer might even say they have an API that retrieves claim details by claim ID. Great! All we need is for the user to enter their 11-digit claim ID and were set. The design works backwards from whats available technically. \\n While easy for the developer, this may be challenging for the user. They must enter an 11-digit ID accurately. In voice environments, it may be challenging to correctly capture all 11 digits even if the user knows them. \\n We can make it easier for the user to enter the claim ID. Rather than asking for all 11 digits, we can ask for fewer digits . The backend still needs a claim ID, but we can make the question easier for the user. There are less chances to make a mistake speaking or typing the few number of digits. \\n There are several variations on ask an easier question: \\n  Ask a different question: For a claim, that may be the claim date. For many use cases either an ID or a date is unique for a single user. \\n  Take a picture: Some mobile apps find and extract the necessary information from a photo. \\n The downside of ask an easier question is that you are still asking a question. For an automobile claim, you are expecting the caller to have the claim in front of them. This constraint may cause the user to fail at their task. Can we make it even easier? \\n Lets flip the conversation around. Instead of starting from the technical perspective, put the user front-and-center. Why is a user calling about an automobile claim? They were probably just in a car accident and following up on the claim they submitted. \\n A user may have multiple claims, but they are probably calling about the most recent one. \\n Figure 5 removes the burden from the user. Now they dont have to have the claim in front of them. We can provide information to the user, instead of demanding information up front, and still get the information needed for our backend data retrieval. Its much easier for the user to confirm information than to provide it. Plus, this makes the conversational AI seem much smarter, and the users confidence in the system will increase. \\n This pattern requires use of additional context so that information is not given to a nefarious third party. For instance, the claim search example is driven by knowing who the caller is . \\n Skipping a question by making a reasonable assumption is not always possible, but it is a powerful technique for making more effective conversational AI systems. \\n Next, lets look at a way to improve questions that you need to ask. \\n In the previous section we improved AI effectiveness by removing questions. Sometimes you cant remove a question and need to ask it. Some questions are explicitly choice questions  requiring the user to select from a fixed list. Imagine asking the user to select an apple or an orange. This feels simple, but how can ', 'url': 'https://medium.com/ibm-watson/three-ways-to-improve-your-conversational-ai-a33db7fc0d5?source=collection_archive---------0-----------------------', 'source': 'Medium'}}, {'document': {'rank': 4, 'document_id': 'Three ways to improve your conversational AI', 'text': 'Three ways to improve your conversational AI Techniques to streamline your AIs dialogue, increaseits Andrew R. Freed \\n Follow \\n IBM Watson Assistant \\n -- \\n Listen \\n Share \\n Conversational AI is a great way to help your users get what they need, when they need it, the way they want to get it. Still, there are several common shortcomings in Conversational AI systems. \\n This post will walk you through three simple tricks to improve your conversational AI: \\n  Ask for less \\n  Give clear choices \\n  Copy editing \\n Conversational AI systems are designed to collect all information required to complete a task. This information can come from contextual information or asking the user a question. \\n Every question the AI asks the user is an opportunity for the conversation to fail. Wherever possible, ask fewer questions, or ask easier questions. \\n Lets consider a car insurance example. The user is calling to check on the status of a claim they just filed. Fundamentally we need to figure out which claim the caller wants to talk about and fetch the details for the claim. \\n A technology driven approach might start with the knowledge that a claim details API is needed. A developer might even say they have an API that retrieves claim details by claim ID. Great! All we need is for the user to enter their 11-digit claim ID and were set. The design works backwards from whats available technically. \\n While easy for the developer, this may be challenging for the user. They must enter an 11-digit ID accurately. In voice environments, it may be challenging to correctly capture all 11 digits even if the user knows them. \\n We can make it easier for the user to enter the claim ID. Rather than asking for all 11 digits, we can ask for fewer digits . The backend still needs a claim ID, but we can make the question easier for the user. There are less chances to make a mistake speaking or typing the few number of digits. \\n There are several variations on ask an easier question: \\n  Ask a different question: For a claim, that may be the claim date. For many use cases either an ID or a date is unique for a single user. \\n  Take a picture: Some mobile apps find and extract the necessary information from a photo. \\n The downside of ask an easier question is that you are still asking a question. For an automobile claim, you are expecting the caller to have the claim in front of them. This constraint may cause the user to fail at their task. Can we make it even easier? \\n Lets flip the conversation around. Instead of starting from the technical perspective, put the user front-and-center. Why is a user calling about an automobile claim? They were probably just in a car accident and following up on the claim they submitted. \\n A user may have multiple claims, but they are probably calling about the most recent one. \\n Figure 5 removes the burden from the user. Now they dont have to have the claim in front of them. We can provide information to the user, instead of demanding information up front, and still get the information needed for our backend data retrieval. Its much easier for the user to confirm information than to provide it. Plus, this makes the conversational AI seem much smarter, and the users confidence in the system will increase. \\n This pattern requires use of additional context so that information is not given to a nefarious third party. For instance, the claim search example is driven by knowing who the caller is . \\n Skipping a question by making a reasonable assumption is not always possible, but it is a powerful technique for making more effective conversational AI systems. \\n Next, lets look at a way to improve questions that you need to ask. \\n In the previous section we improved AI effectiveness by removing questions. Sometimes you cant remove a question and need to ask it. Some questions are explicitly choice questions  requiring the user to select from a fixed list. Imagine asking the user to select an apple or an orange. This feels simple, but how can ', 'url': 'https://medium.com/ibm-watson/three-ways-to-improve-your-conversational-ai-a33db7fc0d5?source=collection_archive---------0-----------------------', 'source': 'Medium'}}, {'document': {'rank': 5, 'document_id': 'Three ways to improve your conversational AI', 'text': 'Three ways to improve your conversational AI Techniques to streamline your AIs dialogue, increaseits Andrew R. Freed \\n Follow \\n IBM Watson Assistant \\n -- \\n Listen \\n Share \\n Conversational AI is a great way to help your users get what they need, when they need it, the way they want to get it. Still, there are several common shortcomings in Conversational AI systems. \\n This post will walk you through three simple tricks to improve your conversational AI: \\n  Ask for less \\n  Give clear choices \\n  Copy editing \\n Conversational AI systems are designed to collect all information required to complete a task. This information can come from contextual information or asking the user a question. \\n Every question the AI asks the user is an opportunity for the conversation to fail. Wherever possible, ask fewer questions, or ask easier questions. \\n Lets consider a car insurance example. The user is calling to check on the status of a claim they just filed. Fundamentally we need to figure out which claim the caller wants to talk about and fetch the details for the claim. \\n A technology driven approach might start with the knowledge that a claim details API is needed. A developer might even say they have an API that retrieves claim details by claim ID. Great! All we need is for the user to enter their 11-digit claim ID and were set. The design works backwards from whats available technically. \\n While easy for the developer, this may be challenging for the user. They must enter an 11-digit ID accurately. In voice environments, it may be challenging to correctly capture all 11 digits even if the user knows them. \\n We can make it easier for the user to enter the claim ID. Rather than asking for all 11 digits, we can ask for fewer digits . The backend still needs a claim ID, but we can make the question easier for the user. There are less chances to make a mistake speaking or typing the few number of digits. \\n There are several variations on ask an easier question: \\n  Ask a different question: For a claim, that may be the claim date. For many use cases either an ID or a date is unique for a single user. \\n  Take a picture: Some mobile apps find and extract the necessary information from a photo. \\n The downside of ask an easier question is that you are still asking a question. For an automobile claim, you are expecting the caller to have the claim in front of them. This constraint may cause the user to fail at their task. Can we make it even easier? \\n Lets flip the conversation around. Instead of starting from the technical perspective, put the user front-and-center. Why is a user calling about an automobile claim? They were probably just in a car accident and following up on the claim they submitted. \\n A user may have multiple claims, but they are probably calling about the most recent one. \\n Figure 5 removes the burden from the user. Now they dont have to have the claim in front of them. We can provide information to the user, instead of demanding information up front, and still get the information needed for our backend data retrieval. Its much easier for the user to confirm information than to provide it. Plus, this makes the conversational AI seem much smarter, and the users confidence in the system will increase. \\n This pattern requires use of additional context so that information is not given to a nefarious third party. For instance, the claim search example is driven by knowing who the caller is . \\n Skipping a question by making a reasonable assumption is not always possible, but it is a powerful technique for making more effective conversational AI systems. \\n Next, lets look at a way to improve questions that you need to ask. \\n In the previous section we improved AI effectiveness by removing questions. Sometimes you cant remove a question and need to ask it. Some questions are explicitly choice questions  requiring the user to select from a fixed list. Imagine asking the user to select an apple or an orange. This feels simple, but how can ', 'url': 'https://medium.com/ibm-watson/three-ways-to-improve-your-conversational-ai-a33db7fc0d5?source=collection_archive---------0-----------------------', 'source': 'Medium'}}, {'document': {'rank': 6, 'document_id': ' Create a retail customer service chatbot\\n', 'text': 'Watson Assistant can help you solve a problem by providing an intelligent interface using natural language. You can use the tools provided by the Assistant service with skills that will directly help your customers. The flexibility of the GUI tools and APIs combine to allow you to power applications and tools using AI in simple and powerful ways.\\nWhat you\\'re going to learnCreate the Assistant service and first Assistant\\nCreate an action\\nAdd actions with conditions\\nAdd actions with variables\\nPublish the changes\\nConclusionCreate the Assistant service and first AssistantThe first step in using Watson Assistant is creating an instance of the service. You\\'ll do this using IBM Cloud. Give your instance a meaningful name. Choose the resource group you wish to belong to, add tags as desired, and click Create.Click Launch Watson Assistant.From the top drop-down menu, click Create new +.Give the instance a name and optional description, and click Create Assistant.Create an actionOn your new home page, you can follow the navigation steps and click Learn about Watson Assistant to watch a 1-minute video. You can either continue and click Create your first action, or use the navigation panel on the left and choose the icon for Actions.You are asked \"What does your customer say to start this interaction?\". For this tutorial, enter What are your store hours?, and click Save.Add a resonse such as \"We are open from 8:00 AM until 9:00 PM every day.\" Because the customer doesn\\'t have to add any input, and the question has been answered, you can leave the Define customer response section empty, and leave the default Continue to next step. Now let\\'s test what you have so far. Click Preview in the lower-right corner. The chatbot begins with \"Welcome, how can I assist you?\" Enter the text What are your store hours?, and click the arrow or press Enter/Return on your keyboard.. You should get the response that you entered, \"We are open from 8:00 AM until 9:00 PM every day.\"Click the counter-clockwise arrow to reset the bot. This time, enter When are you open? This time, the bot responds with \"I\\'m afraid I don\\'t understand. Please rephrase your question.\" You need to add some alternates to the customer question to help the bot understand. Click the Customer starts with box in the upper-left to go back to this and add some alternate ways to phrase the question.Click the Save icon in the upper right because this must be saved to use the Preview widget. If you click on the gear icon for the Assistant settings, you see that auto-save is on, but it performs this save when you switch between steps. Now, test again in the preview window by typing something like open that is present in your list of phrases. You should get a correct response.Notice in the preview window that the bot ends with \"There are no additional steps for this action. Add a new step or end the action.\" Let\\'s end the action. Go back to the Conversation step by clicking on it in the upper-left corner, and change the And then dropdown to End the action.Save your changes, and reset the Preview. Now, the action should complete after the store hours are given.Add actions with conditionsNow, add another action to answer the question \"Where are you located?\" From the home page, click New action +.In response to \"What does your customer say to start this interaction?\", enter Where are you located?For the section Assistant says, enter We have 2 locations, Downtown and Riverside. Which one are you closest to?\\nUnder Customer response, choose Options, and enter Downtown and Riverside. You can leave the default for Allow skipping or always ask? to be Skip if the customer already gave this information because this information is saved from that previous step. You might choose Always ask for this information, regardless of earlier messages for something like a confirmation before a purchase. \\nClick Apply.Add another step, and this time you use the pull-down menu to change Step 2 is taken to be with conditi', 'url': 'https://developer.ibm.com/blogs/ /tutorials/create-your-first-assistant-powered-chatbot\\n', 'source': 'IBM Developer'}}, {'document': {'rank': 7, 'document_id': ' Archived | Develop an AI-infused automation tool to convert business FAQs to Watson Assistant-ready chatbot input\\n', 'text': \"Archived contentArchive date: 2022-11-08This content is no longer being updated or maintained. The content is provided as is. Given the rapid evolution of technology, some content, steps, or illustrations may have changed.Developing an automated solution for creating intents, utterances, and entities directly from a business's frequently asked questions  can help developers and software teams save considerable time because they do not have to write it manually. In this article, learn about an artificial intelligence -infused automation tool to convert a business's FAQs to Watson Assistant-ready chatbot input. You can then easily integrate the solution with minimal effort to various input channels such as WhatsApp, Telegram, Slack, Facebook Messenger, and Live Chat.\\nThe article assumes that you have a basic understanding of a chatbot application, such as intents, entities, and knowledge corpus training. To understand the impact better, you should have basic development skills in API integration, Python, and the Watson Assistant SDK, as well as fundamental AI knowledge. The article covers:Business context and the use of business FAQs\\nChallenges in building a chatbot from business FAQs when the FAQs are being continuously revised\\nSolution details on how FAQs provided by customers across industry domains can be automatically fed into various components of the Watson Assistant Service\\nIntegration with input channels such as Telegram and WhatsApp\\nA sample use case with step-by-step implementation for building an automated tool that converts a business's FAQ to a ready chatbot solutionWebsite FAQs and chatbots in business\\nFAQs are important for any company because they provide clarity on the company, their products, and their services. Most companies prefer to add an FAQ page on their website, and the key benefits of having the FAQs on the website are:Improving customer experiences by providing answers to standard questions.\\nExpanding the companys online visibility through a search engine . This in turn also helps Google to understand the business better.\\nProviding customers with knowledgeable, trustworthy, and useful information on the business's services or products.\\nAddressing common questions and answers gives confidence to the customer to take the next step of purchasing a product or service.Extending the FAQs and implementing a chatbot solution provides several benefits for a company or enterprise.A single window to reach the customer. It gives customers a more personal experience than a conversation by mail or phone.\\nSupport is available 24x7 as compared to traditional customer service.\\nA company can react faster to customer inquiries, which can increase and drive a companys sales. Additionally, it can help a company to increase customer satisfaction.\\nChatbots are industry agnostic, that is, they can be used in a variety of industries.\\nChatbots can give immediate feedback to customers.Challenges and solutions\\nAutomating customer service tasks lets customer service representatives spend more time on value-added activities, leaving the chatbot to answer standard queries. Converting the available FAQs to chatbot-compatible input can help you automate the solution. To do this, the business FAQ must be enhanced to build various entities and utterances. When the entities and utterances are ready, the FAQ is fed into the AI solution. However, when implementing an FAQ chatbot solution, there can be some challenges.A considerable amount of time must be spent updating the FAQs with entities and utterances.\\nContinuously updating the FAQs requires additional effort to update the input data for the AI solution.The manual effort of creating entities and utterances in the solution can be avoided entirely by using the auto generation of utterances and intents. You can use the business's FAQs as input, but you want to be able to provide the right answers even if the question is asked in various ways. This is where the use of AI algorithms come\", 'url': 'https://developer.ibm.com/blogs/ /articles/develop-an-ai-infused-automation-tool-to-convert-business-faqs-to-watson-assistant-ready-chatbot-input\\n', 'source': 'IBM Developer'}}, {'document': {'rank': 8, 'document_id': 'Finding concise answers to questions in enterprise documents', 'text': 'Finding concise answers to questions in enterprise documents - J William Murdock \\n Follow \\n IBM Data Science in Practice \\n -- \\n Listen \\n Share \\n Authors: J. William Murdock, Avi Sil, Anastas Stoyanovsky, Christophe Guittet \\n Many business applications use some sort of search to find documents or passages. Some may also want to find answers within those documents or passages. In this article, we provide some examples of this task. We explain its relationship to cutting-edge research technologies. We then describe the answer finding capability in IBM Watson Discovery. We discuss ways of using that capability in a business application. We talk about limitations of the technology and plans to address those limitations. Finally, we discuss the availability of the capability and ask for feedback. \\n Consider the following question: \\n What versions of Firefox does InfoSphere Information Server 1.3 support? \\n An IBM support page answers this question by saying: \\n If you open the InfoSphere Information Server Web Console with Internet Explorer 11, you may get the error message: IBM InfoSphere Information Server supports Mozilla Firefox  and Microsoft Internet Explorer  browsers. \\n For some applications, finding this document might be enough to be useful. For many though, it would be better to also emphasize or highlight the exact answer: ESR 17 and 24. \\n The example above is an explicit question, but it could also be phrased as in implicit question: \\n InfoSphere Information Server 1.3 Firefox versions \\n This query is not grammatically a question, but it does have roughly the same meaning. So we would expect the same answer to this one too. \\n The answer in these examples  is a literal string within the text. This is a defining characteristic of answer finding: it finds answers in the text itself. It does not create new answers by drawing inferences. For example, if you asked an answer finding system What is 4 plus 7? it would not be able to give you a correct answer unless that system had some text that explicitly said that 4 plus 7 equals 11. The text would not need to use those exact words, but it would need to say something to that effect. \\n Finding answers in a collection of text requires finding relevant chunks of text and finding answers within those chunks. These two subtasks are often addressed using separate technologies. Finding relevant text is generally referred to as search. Search is often done using Information Retrieval capabilities such as Apache Lucene. Information Retrieval typically involves counting how many times each word in the query matches the target text. Information Retrieval gives more weight to terms that appear infrequently in the collection of documents. The combination of how many terms matched and how infrequent each of the matching terms were is used to rank search results. \\n Finding an answer within a single chunk of text  is sometimes referred to as machine reading comprehension. The task resembles the reading comprehension task that is common in standardized testing of children. The system gets a passage and a question and answers the question. With that said, most reading comprehension tests for children involve inferring an answer, not just finding an answer. So machine reading comprehension is an imperfect label for a component that finds an answer in a passage. However, it is commonly used to describe technology of this sort in a variety of scientific publications. \\n Popular data sets for testing such systems include Google Natural Questions data set  and the TyDi data set . You can learn more about the data sets and see which research systems are effective at those links. The leaderboards on the corresponding pages show which systems are doing the best on the data at a given time. GAAMA  from IBM Research, which is trained on top of a large multilingual language model called XLM-RoBERTa, is generally at or near the top of the ranking for finding short answers. \\n The answer finding capability in ', 'url': 'https://medium.com/ibm-data-ai/finding-concise-answers-to-questions-in-enterprise-documents-53a865898dbd?source=collection_archive---------2-----------------------', 'source': 'Medium'}}, {'document': {'rank': 9, 'document_id': 'Finding concise answers to questions in enterprise documents', 'text': 'Finding concise answers to questions in enterprise documents - J William Murdock \\n Follow \\n IBM Data Science in Practice \\n -- \\n Listen \\n Share \\n Authors: J. William Murdock, Avi Sil, Anastas Stoyanovsky, Christophe Guittet \\n Many business applications use some sort of search to find documents or passages. Some may also want to find answers within those documents or passages. In this article, we provide some examples of this task. We explain its relationship to cutting-edge research technologies. We then describe the answer finding capability in IBM Watson Discovery. We discuss ways of using that capability in a business application. We talk about limitations of the technology and plans to address those limitations. Finally, we discuss the availability of the capability and ask for feedback. \\n Consider the following question: \\n What versions of Firefox does InfoSphere Information Server 1.3 support? \\n An IBM support page answers this question by saying: \\n If you open the InfoSphere Information Server Web Console with Internet Explorer 11, you may get the error message: IBM InfoSphere Information Server supports Mozilla Firefox  and Microsoft Internet Explorer  browsers. \\n For some applications, finding this document might be enough to be useful. For many though, it would be better to also emphasize or highlight the exact answer: ESR 17 and 24. \\n The example above is an explicit question, but it could also be phrased as in implicit question: \\n InfoSphere Information Server 1.3 Firefox versions \\n This query is not grammatically a question, but it does have roughly the same meaning. So we would expect the same answer to this one too. \\n The answer in these examples  is a literal string within the text. This is a defining characteristic of answer finding: it finds answers in the text itself. It does not create new answers by drawing inferences. For example, if you asked an answer finding system What is 4 plus 7? it would not be able to give you a correct answer unless that system had some text that explicitly said that 4 plus 7 equals 11. The text would not need to use those exact words, but it would need to say something to that effect. \\n Finding answers in a collection of text requires finding relevant chunks of text and finding answers within those chunks. These two subtasks are often addressed using separate technologies. Finding relevant text is generally referred to as search. Search is often done using Information Retrieval capabilities such as Apache Lucene. Information Retrieval typically involves counting how many times each word in the query matches the target text. Information Retrieval gives more weight to terms that appear infrequently in the collection of documents. The combination of how many terms matched and how infrequent each of the matching terms were is used to rank search results. \\n Finding an answer within a single chunk of text  is sometimes referred to as machine reading comprehension. The task resembles the reading comprehension task that is common in standardized testing of children. The system gets a passage and a question and answers the question. With that said, most reading comprehension tests for children involve inferring an answer, not just finding an answer. So machine reading comprehension is an imperfect label for a component that finds an answer in a passage. However, it is commonly used to describe technology of this sort in a variety of scientific publications. \\n Popular data sets for testing such systems include Google Natural Questions data set  and the TyDi data set . You can learn more about the data sets and see which research systems are effective at those links. The leaderboards on the corresponding pages show which systems are doing the best on the data at a given time. GAAMA  from IBM Research, which is trained on top of a large multilingual language model called XLM-RoBERTa, is generally at or near the top of the ranking for finding short answers. \\n The answer finding capability in ', 'url': 'https://medium.com/ibm-data-ai/finding-concise-answers-to-questions-in-enterprise-documents-53a865898dbd?source=collection_archive---------2-----------------------', 'source': 'Medium'}}]\n"
     ]
    }
   ],
   "source": [
    "print(results_list)"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": null,
   "id": "776258c2",
   "metadata": {},
   "outputs": [],
   "source": []
  }
 ],
 "metadata": {
  "kernelspec": {
   "display_name": "Python 3 (ipykernel)",
   "language": "python",
   "name": "python3"
  },
  "language_info": {
   "codemirror_mode": {
    "name": "ipython",
    "version": 3
   },
   "file_extension": ".py",
   "mimetype": "text/x-python",
   "name": "python",
   "nbconvert_exporter": "python",
   "pygments_lexer": "ipython3",
   "version": "3.9.13"
  }
 },
 "nbformat": 4,
 "nbformat_minor": 5
}
